338597 matches found
RHEL 9 : firefox (RHSA-2026:17689)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17689 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021618 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX...
Amazon Linux 2023 : PackageKit, PackageKit-command-not-found, PackageKit-cron (ALAS2023-2026-1639)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1639 advisory. PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021654)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021654 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021560)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021560 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix a potential memory leak in rtwinitcmdpriv In rtwinitcmdpriv, if...
Amazon Linux 2023 : lcms2, lcms2-devel, lcms2-utils (ALAS2023-2026-1657)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1657 advisory. Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254 Little CMS lcms2 2.16 through 2.1...
RockyLinux 9 : libcap (RLSA-2026:19346)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19346 advisory. libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 Tenable has extracted the preceding description block directly from th...
RockyLinux 9 : freeipmi (RLSA-2026:19208)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19208 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the RockyLinux...
Linux Distros Unpatched Vulnerability : CVE-2026-43312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe,...
Linux Distros Unpatched Vulnerability : CVE-2026-44378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns of indefinite length encodings in BER data could cause quadratic behavior in the parser,...
Amazon Linux 2023 : microcode_ctl (ALAS2023-2026-1675)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1675 advisory. Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high...
RHEL 8 : thunderbird (RHSA-2026:19466)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19466 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021529)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021529 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: Fix double free in dvbregisterdevice In function dvbregisterdevice -...
Linux Distros Unpatched Vulnerability : CVE-2026-33278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code...
Linux Distros Unpatched Vulnerability : CVE-2026-43455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing s...
Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1665)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1665 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...
Fedora 43 : expat (2026-89f45c355d)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-89f45c355d advisory. Rebase to version 2.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021565)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021565 advisory. In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021566)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021566 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was seen...
Splunk Universal Forwarder 9.4.0 < 9.4.11 (SVD-2026-0506)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0506 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
Linux Distros Unpatched Vulnerability : CVE-2026-43371
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time t...
RHEL 9 : python3.9 (RHSA-2026:19576)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19576 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
RHEL 8 : container-tools:rhel8 (RHSA-2026:19634)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19634 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021551 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written t...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Highlight.js vulnerability (USN-8276-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8276-1 advisory. It was discovered that Highlight.js used plain JavaScript objects for internal language name lookups, making them susceptible to prototype...
RHEL 9 : gimp (RHSA-2026:19362)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19362 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...
RHEL 9 : libsndfile (RHSA-2026:19610)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19610 advisory. libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer...
Linux Distros Unpatched Vulnerability : CVE-2026-42944
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a vulnerability that results in heap overflow when encoding multiple NSID and/or DNS Cookie EDN...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021571)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021571 advisory. In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6create sockinitdata attaches the allocated...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021609 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access...
Linux Distros Unpatched Vulnerability : CVE-2026-41999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Behaviour of Views with TCP PROXY Requests CVE-2026-41999 Note that Nessus relies on the presence of the package as reported by the vendor...
RockyLinux 9 : LibRaw (RLSA-2026:19345)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19345 advisory. LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via heap-based...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2026-1677)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1677 advisory. RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution CVE-2026-5405 Tenable has extracted the preceding description block...
Amazon Linux 2023 : cups, cups-client, cups-devel (ALAS2023-2026-1668)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1668 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon cupsd contains an authorization bypass...
Fedora 43 : firefox / nss (2026-cd20332935)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-cd20332935 advisory. Update NSS to 3.123.1 Update to Firefox 151.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Linux Distros Unpatched Vulnerability : CVE-2025-54518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a...
Fedora 43 : mysql8.0 (2026-0c462e5676)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0c462e5676 advisory. MySQL 8.0.46 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html Known issue: s390x-specific issue - zlib with DFLTCC...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021556)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021556 advisory. In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfsdautomount When mounting from a NFSv4 referral, path-dentry can end up bei...
Linux Distros Unpatched Vulnerability : CVE-2026-45185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends...
Linux Distros Unpatched Vulnerability : CVE-2026-34159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor'...
RHEL 8 : firefox (RHSA-2026:19542)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19542 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Fedora 44 : erlang-cowlib (2026-84270bbc49)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-84270bbc49 advisory. Cowlib 2.16.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
RHEL 7 : glib2 (RHSA-2026:19566)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19566 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, th...
Fedora 43 : mysql8.4 (2026-a7adf2637c)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a7adf2637c advisory. MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC...
RHEL 9 : rhc (RHSA-2026:19369)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19369 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...
Linux Distros Unpatched Vulnerability : CVE-2026-43322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace...
Linux Distros Unpatched Vulnerability : CVE-2026-44390
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name...
Linux Distros Unpatched Vulnerability : CVE-2026-43442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is...
Linux Distros Unpatched Vulnerability : CVE-2026-42256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. From versions 0.4.0 to before 0.4.24, 0.5.0 to before 0.5.14, and 0.6.0...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021524)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021524 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report...