338622 matches found
SUSE SLED15 / SLES15 Security Update : firewalld (SUSE-SU-2026:1872-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1872-1 advisory. This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime...
Photon OS 5.0: Python3 PHSA-2026-5.0-0850
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0850. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2026:1829-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1829-1 advisory. This update for MozillaFirefox fixes the following issues Updated to Firefox Extended Support Release 140.10.1...
Linux Distros Unpatched Vulnerability : CVE-2026-45803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal...
Amazon Linux 2023 : aws-cfn-bootstrap (ALAS2023-2026-1662)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1662 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks...
SUSE SLED15 / SLES15 Security Update : Mesa (SUSE-SU-2026:1835-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1835-1 advisory. This update for Mesa fixes the following issue: - CVE-2026-40393: out-of-bounds memory access can occur in WebGPU becau...
SUSE SLES16 Security Update : python-lxml (SUSE-SU-2026:21603-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:21603-1 advisory. This update for python-lxml fixes the following issue - CVE-2026-41066: Information disclosure via untrusted XML input leading to local fil...
SUSE SLED15 / SLES15 Security Update : python-Mako (SUSE-SU-2026:1819-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1819-1 advisory. This update for python-Mako fixes the following issue: - CVE-2026-41205: Prior to 1.3.11, TemplateLookup.gettemplate is...
openSUSE 16 Security Update : ffmpeg-4 (openSUSE-SU-2026:20726-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20726-1 advisory. Changes in ffmpeg-4: - CVE-2026-40962: Fixed inadequate CENC subsample bounds checks that could lead to an integer overflow bsc1262237. Tenable has...
Fedora 43 : libgit2_1.8 (2026-7b1d032de7)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7b1d032de7 advisory. Update to version 1.8.5. Release notes: https://github.com/libgit2/libgit2/releases/tag/v1.8.5 Tenable has extracted the preceding description block directly...
AlmaLinux 9 : freerdp (ALSA-2026:16482)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16482 advisory. freerdp: FreeRDP: Denial of service due to use-after-free vulnerability CVE-2026-25952 freerdp: FreeRDP: Denial of Service via double free vulnerability...
Amazon Linux 2023 : firefox (ALAS2023-2026-1706)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1706 advisory. libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Tenable has extracted the preceding description block directly from the test...
Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2026-1699)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1699 advisory. When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. CVE-2026-3805 Tenable has extracted the preceding description block...
Linux Distros Unpatched Vulnerability : CVE-2026-40930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk...
openSUSE 16 Security Update : raylib (openSUSE-SU-2026:20717-1)
"The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20717-1 advisory. Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900...
Debian dsa-6278 : libnginx-mod-http-geoip - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6278 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6278-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2026-8700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitabl...
Fedora 42 : python-jupytext (2026-793b55138d)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-793b55138d advisory. This update contains upgrades to various npm packages used during the build to address CVEs, namely: - CVE-2025-69873 ajv - CVE-2026-0540 DOMPurify ...
Fedora 43 : python-jupytext (2026-85b819b928)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-85b819b928 advisory. This update contains upgrades to various npm packages used during the build to address CVEs, namely: - CVE-2025-69873 ajv - CVE-2026-0540 DOMPurify ...
AlmaLinux 8 : kernel (ALSA-2026:16195)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16195 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...
SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21610-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21610-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: Dirty...
SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21616-1)
The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21616-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: Dirty Frag fixes: -...
openSUSE 15 Security Update : kernel (SUSE-SU-2026:1840-2)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1840-2 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb fra...
AlmaLinux 9 : ALSA-2026:A009kernel (ALSA-2026:A009)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A009 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...
AlmaLinux 10 : ALSA-2026:A010kernel (ALSA-2026:A010)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A010 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2026:1825-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1825-1 advisory. The SUSE Linux Enterprise 15 SP7 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid...
SUSE SLED15 / SLES15 Security Update : log4j (SUSE-SU-2026:1843-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1843-1 advisory. - CVE-2026-34477: TLS connections vulnerable to interception due to incomplete hostname verification...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1857-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1857-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix one issue - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags...
AlmaLinux 8 : ALSA-2026:A008kernel (ALSA-2026:A008)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A008 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...
SUSE SLES15 Security Update : kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1873-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1873-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.203 fixes one security issue The following security issue was fixed: - CVE-2026-4328...
Debian dla-4587 : ata-modules-5.10.0-39-armmp-di - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4587 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4587-1 [email protected] https://www.debian.org/lts/security/ B...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1840-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1840-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt...
SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...
SUSE SLES15 Security Update : kernel RT (Live Patch 4 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1858-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1858-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.16 fixes one security issue The following security issue was fixed: - CVE-2026-43284:...
Linux Distros Unpatched Vulnerability : CVE-2026-45736
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close implementation is vulnerable to uninitialized memory disclosu...
Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1709)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1709 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following...
openSUSE 16 Security Update : apptainer (openSUSE-SU-2026:20730-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20730-1 advisory. Changes in apptainer: - Fix CVE-2026-34986 bsc1262956 github.com/go-jose/go-jose/[email protected] CVE-2026-33186 GO-2026-4762 bsc1260311...
Slackware Linux 15.0 / current kernel-generic Vulnerability (SSA:2026-135-02)
The version of kernel-generic installed on the remote host is prior to 5.15.207 / 5.15.207smp / 6.12.89 / 6.18.31. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-135-02 advisory. New kernel packages are available for Slackware 15.0 and -current to fix a security issue...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1708)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1708 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1710)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1710 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following...
Linux Distros Unpatched Vulnerability : CVE-2026-46483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tarVimuntar in runtime/autoload/tar.vim when...
Slackware Linux 15.0 / current dnsmasq Multiple Vulnerabilities (SSA:2026-135-01)
The version of dnsmasq installed on the remote host is prior to 2.92rel2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-135-01 advisory. New dnsmasq packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
RockyLinux 10 : yggdrasil (RLSA-2026:17075)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:17075 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...
AlmaLinux 8 : rsync (ALSA-2026:17481)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:17481 advisory. rsync: Rsync: Use-after-free vulnerability in extended attribute handling CVE-2026-41035 Tenable has extracted the preceding description block directly from the...
SUSE SLED15 / SLES15 Security Update : go1.26 (SUSE-SU-2026:1861-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1861-1 advisory. This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dnsmasq (SUSE-SU-2026:1827-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1827-1 advisory. This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to...
Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1700)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1700 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...
SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2026:1826-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1826-1 advisory. This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacke...
AlmaLinux 10 : jq (ALSA-2026:16692)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16692 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON obje...
SUSE SLED15 / SLES15 Security Update : go1.25 (SUSE-SU-2026:1862-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1862-1 advisory. This update for go1.25 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling...