338597 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021591 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree. Tenable has extracted the preceding...
RHEL 9 : tigervnc (RHSA-2026:19342)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19342 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...
Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1648)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1648 advisory. @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbound...
RHEL 9 : libtiff (RHSA-2026:19702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19702 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021559)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021559 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, ...
Linux Distros Unpatched Vulnerability : CVE-2026-42959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021582)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021582 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ipv6: release expired exception dst cached in socket Dst objects get leaked in...
Fedora 44 : mingw-expat (2026-163d1fe6c0)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-163d1fe6c0 advisory. Update to expat-2.8.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2026-1680)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1680 advisory. In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An...
Fedora 44 : python-django6 (2026-de6e24ae07)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021568)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021568 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues The hctx's runwork may be racing...
Amazon Linux 2023 : mount-s3 (ALAS2023-2026-1655)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1655 advisory. A logic error in CRL distribution point validation in AWS-LC before 1.71.0 causes partitioned CRLs to be incorrectly rejected as out of scope, which allows a revoked certificate to bypass certificate...
Fedora 43 : mingw-expat (2026-9cf92027ec)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9cf92027ec advisory. Update to expat-2.8.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Oracle Linux 7 : squid (ELSA-2026-8880)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8880 advisory. - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via -...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021576)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021576 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix a null-ptr-deref in tipctopsrvaccept syzbot found a crash in tipctopsrvaccept: KASAN:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021585)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021585 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...
Linux Distros Unpatched Vulnerability : CVE-2026-42006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this,...
Linux Distros Unpatched Vulnerability : CVE-2026-40016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configure...
RHEL 10 : libsndfile (RHSA-2026:19560)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19560 advisory. libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021583)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021583 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with...
Fedora 44 : pgadmin4 (2026-68f6155fea)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-68f6155fea advisory. Update to pgadmin4-9.15. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
RHEL 10 : glib2 (RHSA-2026:19567)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19567 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Linux Distros Unpatched Vulnerability : CVE-2026-43332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thermal: core: Fix thermal zone device registration error path If thermalzonedeviceregisterwithtrips fails after registering a thermal zone device, it needs to...
RHEL 8 : glib2 (RHSA-2026:19524)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19524 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Unity Linux 20.1070e Security Update: mpv (UTSA-2026-021502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021502 advisory. A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted m3u playlist file. Tenable has...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021543)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021543 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021626)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021626 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix crash when config small gsomaxsize/gsoipv4maxsize Config a small...
RHEL 8 : libtiff (RHSA-2026:19657)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19657 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
RHEL 9 : webkit2gtk3 (RHSA-2026:19535)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19535 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...
RHEL 10 : libcap (RHSA-2026:19456)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19456 advisory. Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation v...
Linux Distros Unpatched Vulnerability : CVE-2026-43333
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: reject direct access to nullable PTRTOBUF pointers checkmemaccess matches PTRTOBUF via basetype which strips PTRMAYBENULL, allowing direct dereference...
RHEL 10 : PackageKit (RHSA-2026:19601)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19601 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution,...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1647)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1647 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API...
RHEL 8 : firefox (RHSA-2026:19655)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19655 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021623)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021623 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by...
Linux Distros Unpatched Vulnerability : CVE-2026-45232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows netwo...
Linux Distros Unpatched Vulnerability : CVE-2026-5089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021597)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021597 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021653 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to be retried, and that retry...
RHEL 9 : thunderbird (RHSA-2026:19461)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19461 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...
Ubuntu 16.04 LTS : Smarty vulnerability (USN-8272-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8272-1 advisory. Takuya Aramaki discovered that Smarty did not properly escape JavaScript code. An attacker could possibly use this issue to conduct a cross-site scripting attack...
Linux Distros Unpatched Vulnerability : CVE-2026-5090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021564)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021564 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when t...
Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1654)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1654 advisory. pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferr...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021594)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021594 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible NULL deref in fib6nhinit syzbot reminds us that in6devget can return NULL...
Fedora 44 : kernel (2026-6b173ffc2a)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6b173ffc2a advisory. The 7.0.7 stable kernel update contains a number of important fixes across the tree. It also patches up a vulnerable codepath for franesia that was not in th...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021639)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021639 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUGON when 0 reference count at btrfslookupextentinfo Instead of doing a BUGON handl...
RHEL 9 : python3.9 (RHSA-2026:19570)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19570 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...