338620 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151,...
Fedora 44 : python-pysam (2026-28858c383e)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-28858c383e advisory. Update pysam Resolves CVE issues Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
RHEL 10 : giflib (RHSA-2026:19154)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19154 advisory. giflib is a library for reading and writing gif images. Security Fixes: giflib: Giflib: Double-free vulnerability leading to memory corruption...
RHEL 9 : openssh (RHSA-2026:19219)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19219 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
RHEL 10 : jq (RHSA-2026:19151)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19151 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...
RHEL 10 : postgresql16 (RHSA-2026:19010)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19010 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...
RHEL 9 : pcs (RHSA-2026:19167)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19167 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary cod...
RHEL 9 : buildah (RHSA-2026:19186)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19186 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...
RHEL 9 : LibRaw (RHSA-2026:19345)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19345 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw:...
RHEL 9 : freerdp (RHSA-2026:19358)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19358 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
RHEL 9 : glib2 (RHSA-2026:19361)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19361 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
RHEL 10 : openssl (RHSA-2026:19066)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19066 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...
RHEL 10 : unbound (RHSA-2026:18556)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18556 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability...
RHEL 10 : tomcat (RHSA-2026:18537)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18537 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat:...
Fedora 44 : rust-sevctl (2026-941244e8ee)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-941244e8ee advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
RHEL 10 : iputils (RHSA-2026:18162)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:18162 advisory. The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: iputils integer overflow...
SUSE SLED15 / SLES15 Security Update : dnsmasq (SUSE-SU-2026:1934-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1934-1 advisory. This update for dnsmasq fixes the following issues Security issues: - CVE-2026-4890: DoS vulnerability in the...
RHEL 10 : dnsmasq (RHSA-2026:19158)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19158 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server...
RHEL 9 : systemd (RHSA-2026:19213)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19213 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...
RHEL 10 : pcs (RHSA-2026:19008)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19008 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary co...
RHEL 9 : python-jwcrypto (RHSA-2026:19197)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19197 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...
SUSE SLES15 Security Update : mozjs78 (SUSE-SU-2026:1956-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1956-1 advisory. This update for mozjs78 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty...
Linux Distros Unpatched Vulnerability : CVE-2026-8947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and...
RHEL 10 : openexr (RHSA-2026:19146)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19146 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents...
RHEL 10 : yggdrasil-worker-package-manager (RHSA-2026:19128)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19128 advisory. yggdrasil-worker-package-manager is a simple package manager yggd worker. It knows how to install and remove packages, add, remove, enable and...
RHEL 10 : firefox (RHSA-2026:19041)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19041 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Linux Distros Unpatched Vulnerability : CVE-2026-43491
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client ca...
RHEL 9 : freeipmi (RHSA-2026:19208)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19208 advisory. The freeipmi packages contain an Intelligent Platform Management Interface IPMI remote console and system management software based on the IPMI...
RHEL 9 : python3.9 (RHSA-2026:19216)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19216 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
RHEL 10 : edk2 (RHSA-2026:18320)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18320 advisory. EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU...
Fedora 44 : rust-ingredients (2026-6b01755e7d)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6b01755e7d advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
RHEL 10 : freerdp (RHSA-2026:19142)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19142 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
RHEL 9 : libvirt (RHSA-2026:18748)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18748 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains...
RHEL 9 : vim (RHSA-2026:19224)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19224 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox bypass...
RHEL 10 : grafana-pcp (RHSA-2026:19026)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19026 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace...
RHEL 10 : grafana (RHSA-2026:19134)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19134 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana:...
RHEL 9 : tomcat (RHSA-2026:18916)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18916 advisory. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat:...
AlmaLinux 10 : libpng (ALSA-2026:18064)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18064 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from t...
Linux Distros Unpatched Vulnerability : CVE-2026-8946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11,...
SUSE SLED15 / SLES15 Security Update : PackageKit (SUSE-SU-2026:1939-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1939-1 advisory. This update for PackageKit fixes the following issue: - CVE-2026-41651: race condition allows for arbitrary RPM package...
RHEL 9 : unbound (RHSA-2026:18931)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18931 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability...
RHEL 10 : yggdrasil (RHSA-2026:19126)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19126 advisory. yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate chil...
RHEL 9 : libtiff (RHSA-2026:19363)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19363 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
Fedora 43 : kernel (2026-88a1fb9418)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-88a1fb9418 advisory. The 7.0.9-102/202 stable kernel builds contain additional mitigations for new code paths in fragnesia, and a couple of other security updates without fancy...
RHEL 9 : gdk-pixbuf2 (RHSA-2026:19210)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19210 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits suc...
RHEL 10 : gdk-pixbuf2 (RHSA-2026:19127)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19127 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits su...
RHEL 10 : go-fdo-server (RHSA-2026:19137)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19137 advisory. This package provides a server-side implementation of the FIDO Device Onboard FDO specification, written in Go. FDO is an open standard fo...
RHEL 10 : python-markdown (RHSA-2026:19155)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19155 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...
Mozilla Thunderbird < 140.11
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-51 advisory. - Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidenc...
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2026:1964-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1964-1 advisory. This update for rmt-server fixes the following issues - CVE-2026-26961: rack: mismatch in header handling can allow to smuggle...