338622 matches found
CentOS 9 : rust-rpm-sequoia-1.10.2.1-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust- rpm-sequoia-1.10.2.1-1.el9 build changelog. - Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and...
RHEL 10 : fence-agents (RHSA-2026:19138)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19138 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
Linux Distros Unpatched Vulnerability : CVE-2026-8957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1959-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1959-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-5451...
RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:19144)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19144 advisory. HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-U...
RHEL 10 : kernel (RHSA-2026:18134)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18134 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcpbpf: Fix the skmemuncharg...
RHEL 9 : fence-agents (RHSA-2026:19355)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19355 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
RHEL 9 : rhc (RHSA-2026:19207)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19207 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...
Mozilla Firefox ESR < 115.36
The version of Firefox ESR installed on the remote Windows host is prior to 115.36. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-47 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR...
RHEL 9 : p11-kit (RHSA-2026:18599)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18599 advisory. The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides...
RHEL 9 : jq (RHSA-2026:19365)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19365 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...
FreeBSD : Vinyl/Varnish -- HTTP/2 parsing deficiency (f0f4bb64-52c6-11f1-a1c0-0050569f0b83)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f0f4bb64-52c6-11f1-a1c0-0050569f0b83 advisory. Vinyl Development Team reports: A deficiency in HTTP/2 request parsing can be exploited to launch a...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:1906-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1906-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes one security issue The following security issue was fixed: -...
RockyLinux 10 : ruby (RLSA-2026:18065)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18065 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...
RHEL 10 : golang-github-openprinting-ipp-usb (RHSA-2026:19049)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19049 advisory. HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-U...
Fedora 44 : rust-cargo-vendor-filterer (2026-b631ccd99a)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b631ccd99a advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
Debian dsa-6281 : gnutls-bin - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6281 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6281-1 [email protected]...
RHEL 10 : galera and mariadb11.8 (RHSA-2026:19021)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19021 advisory. MariaDB is a community developed fork from MySQL - a multi-user, multi-threaded SQL database server. It is a client/server implementation consistin...
SUSE SLES15 Security Update : php-composer2 (SUSE-SU-2026:1970-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1970-1 advisory. This update for php-composer2 fixes the following issues - CVE-2026-40176: command injection via malicious Perforce repository...
RHEL 9 : bind (RHSA-2026:18786)
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18786 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
RHEL 9 : webkit2gtk3 (RHSA-2026:19206)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19206 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...
CentOS 9 : polkit-0.117-16.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the polkit-0.117-16.el9 build changelog. - A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
Oracle Linux 9 : ruby:3.3 (ELSA-2026-18030)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18030 advisory. - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 - Fix possible denial of service in resolv gem...
SUSE SLES15 Security Update : kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1905-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1905-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.194 fixes one security issue The following security issue was fixed: - CVE-2026-4328...
RHEL 10 : glibc (RHSA-2026:19061)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19061 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...
RHEL 10 : tomcat9 (RHSA-2026:18536)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18536 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages...
Fedora 44 : mod_md (2026-c9b72de46a)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-c9b72de46a advisory. - CVE-2026-29168 fix Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...
RHEL 9 : python-jwcrypto (RHSA-2026:19197)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19197 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...
SUSE SLES15 Security Update : mozjs78 (SUSE-SU-2026:1956-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1956-1 advisory. This update for mozjs78 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty...
RHEL 9 : jq (RHSA-2026:18044)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:18044 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...
RHEL 9 : ruby:3.3 (RHSA-2026:18030)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18030 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...
RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.1.6 (RHSA-2026:18055)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18055 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release ...
Linux Distros Unpatched Vulnerability : CVE-2026-8723
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. The throw is...
Alibaba Cloud Linux 3 : 0107: vim (ALINUX3-SA-2026:0107)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0107 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-34982: Vim is an open source, command line...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-lxml (UTSA-2026-021468)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021468 advisory. lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration with...
Oracle Linux 7 : bind (ELSA-2026-11371)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11371 advisory. - Resolve CVE-2026-1519 Orabug: 39275755 - Resolve CVE-2025-40778 Orabug: 38699863 Tenable has extracted the preceding description block directly from the Orac...
RHEL 9 : PackageKit (RHSA-2026:18024)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18024 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architectu...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021477)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021477 advisory. A flaw was found in GLib, which is vulnerable to an integer overflow in the gstringinsertunichar function. When the position at which to insert the character is larg...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 8.1.6 (RHSA-2026:18054)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18054 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release ...
RHEL 9 : nginx (RHSA-2026:18029)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18029 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
RHEL 9 : jq (RHSA-2026:18045)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:18045 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...
RHEL 8 : nginx:1.24 (RHSA-2026:18041)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18041 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: google-oauth-java-client (UTSA-2026-021491)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021491 advisory. PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorizatio...
RHEL 10 : jq (RHSA-2026:18040)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18040 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: perl-File-Find-Rule (UTSA-2026-021485)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021485 advisory. File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2 argument...
RHEL 10 : grafana (RHSA-2026:18032)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18032 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-021483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021483 advisory. In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointer...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-021488)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021488 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for...
RockyLinux 9 : ruby:3.3 (RLSA-2026:18030)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18030 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...
RHEL 10 : nginx (RHSA-2026:18063)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18063 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...