338622 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021547)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021547 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/modes: Avoid divide by zero harder in drmmodevrefresh drmmodevrefresh is trying to avoid divi...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021548)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021548 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021636 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsocket: fix sk refcount leaks We must put 'sk' reference before returning. Tenable...
Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2026-1676)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1676 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero. CVE-2026-6654 Tenable has extract...
Linux Distros Unpatched Vulnerability : CVE-2026-43619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021596)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021596 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The daxiomaprw does t...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021652 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021562)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021562 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a...
RHEL 9 : dnsmasq (RHSA-2026:19373)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19373 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...
Linux Distros Unpatched Vulnerability : CVE-2026-43369
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021572 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: avoid double -queuerq because of early timeout David Jeffery found one double -queuerq...
Linux Distros Unpatched Vulnerability : CVE-2026-43620
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021575)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021575 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocateonefolio When we call btrfsreadfolio to bring ...
RHEL 8 : freerdp (RHSA-2026:19811)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19811 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
Fedora 43 : opencryptoki (2026-6c3b6ec624)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6c3b6ec624 advisory. Fix CVE-2026-23893, Privilege Escalation or Data Exposure via Symlink Following Tenable has extracted the preceding description block directly from...
Linux Distros Unpatched Vulnerability : CVE-2026-43618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflo...
Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1666)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1666 advisory. pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021555)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021555 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid deadlock in fs reclaim with page writeback Ext4 has a filesystem wide lock protectin...
RHEL 9 : firefox (RHSA-2026:19370)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19370 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021530)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021530 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/qxl: Add check for drmcvtmode Add check for the return value of drmcvtmode and return the err...
Fedora 43 : GitPython (2026-ee7b1c75b6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ee7b1c75b6 advisory. Update to 3.1.50; fixes CVE-2026-42215 / GHSA-mv93-w799-cj2w. Tenable has extracted the preceding description block directly from the Fedora security advisor...
Fedora 44 : proftpd (2026-871243b391)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-871243b391 advisory. This update contains an updated modwrap2sql that addresses a potential SQL injection issue when connected to from a client with a maliciously-constructed...
Ubuntu 22.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-8275-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8275-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-021503)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021503 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion whe...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021553 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021637 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task...
RHEL 8 : firefox (RHSA-2026:19588)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19588 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021655)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021655 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021608)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021608 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccpfeatchangerecv If dccpfeatpushconfirm fails after new value for SP...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021635)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021635 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardo...
Amazon Linux 2023 : python3.13-lxml (ALAS2023-2026-1679)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1679 advisory. lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with resolveentities=True allows untrusted XML input t...
Linux Distros Unpatched Vulnerability : CVE-2026-5090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-43297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rockchip: rga: Fix possible ERRPTR dereference in rgabufinit rgagetframe can return ERRPTR-EINVAL when buffer type is unsupported or invalid. rgabufinit...
Linux Distros Unpatched Vulnerability : CVE-2026-5946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple flaws have been identified in named related to the handling of DNS messages whose CLASS is not Internet IN for example, CHAOS or HESIOD, or DNS message...
RHEL 9 : python3.9 (RHSA-2026:19570)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19570 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021639)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021639 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON when 0 reference count at btrfslookupextentinfo Instead of doing a BUGON handl...
Google Chrome < 148.0.7778.178 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.178. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop0841193308 advisory. - Use after free in DOM in Google Chrome on prior to 148.0.7778.179...
Linux Distros Unpatched Vulnerability : CVE-2026-43354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: proximity: hx9023s: Protect against division by zero in setsampfreq Avoid division by zero when sampling frequency is unspecified. CVE-2026-43354 Note that...
Splunk Enterprise 9.3.0 < 9.3.12, 9.4.0 < 9.4.11, 10.0.0 < 10.0.6, 10.2 < 10.2.3 (SVD-2026-0505)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0505 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr,...
Linux Distros Unpatched Vulnerability : CVE-2026-43335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynam...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021641)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021641 advisory. In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...
Fedora 43 : pgadmin4 (2026-1545df20ad)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1545df20ad advisory. Update to pgadmin4-9.15. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Oracle Linux 8 : oci-utils (ELSA-2026-65763)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-65763 advisory. -- 0.14.0-22 - Rework systemd service file creation. Orabug: 39316494 Tenable has extracted the preceding description block directly from the Oracle Linux...
Fedora 43 : mysql8.4 (2026-a7adf2637c)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a7adf2637c advisory. MySQL 8.4.9 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.4/en/news-8-4-9.html Known issue: s390x-specific issue - zlib with DFLTCC...
Linux Distros Unpatched Vulnerability : CVE-2026-43442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is...
RHEL 9 : gimp (RHSA-2026:19362)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19362 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...
Linux Distros Unpatched Vulnerability : CVE-2026-43330
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocate...
Amazon Linux 2023 : firewalld, firewalld-filesystem, firewalld-test (ALAS2023-2026-1636)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1636 advisory. A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This...
Fedora 44 : expat (2026-4ef690dc30)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4ef690dc30 advisory. Rebase to version 2.8.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...