338622 matches found
Siemens Teamcenter XSS and Hardcoded Key Vulnerabilities (SSA-827383)
The version of Siemens Teamcenter installed on the remote host is affected by multiple vulnerabilities: - The affected application does not properly encode or filter user-supplied data. This could allow an attacker to inject malicious code that can be executed by other users when they visit the...
Debian dla-4583 : idle-python3.9 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4583 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4583-1 [email protected]...
Debian dla-4586 : libapache2-mod-php7.4 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4586 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4586-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2026-6472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including...
Linux Distros Unpatched Vulnerability : CVE-2026-40701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpsslmodule module when the sslverifyclient directive is set to on or optional, and the sslocs...
Debian dsa-6268 : ffmpeg - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6268 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6268-1 [email protected] https://www.debian.org/security/ Moritz...
Linux Distros Unpatched Vulnerability : CVE-2026-8389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3. CVE-2026-8389 Note that Nessus relies on the presen...
Security Update for Microsoft .NET Core SDK (May 2026)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who...
Linux Distros Unpatched Vulnerability : CVE-2026-8569
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-40460
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass ...
Amazon Linux 2 : opencryptoki, --advisory ALAS2-2026-3283 (ALAS-2026-3283)
The version of opencryptoki installed on the remote host is prior to 3.7.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3283 advisory. openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. Versions 2.3.2 and above are vulnerable to...
TencentOS Server 4: python-lxml (TSSA-2026:0288)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0288 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Debian dsa-6267 : thunderbird - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6267 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6267-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2026-43482
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Disable preemption between scxclaimexit and kicking helper work scxclaimexit atomically sets exitkind, which prevents scxerror from triggering further...
Linux Distros Unpatched Vulnerability : CVE-2026-46470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not...
Linux Distros Unpatched Vulnerability : CVE-2026-8567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-44064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a deni...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gdk-pixbuf2 (UTSA-2026-021389)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021389 advisory. A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color compone...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021410)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021410 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...
TencentOS Server 3: kernel (TSSA-2026:0316)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0316 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2026-43916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read ...
Linux Distros Unpatched Vulnerability : CVE-2026-42945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...
Linux Distros Unpatched Vulnerability : CVE-2026-8563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restriction...
GitLab 16.4 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-7481)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in GitLab CVE-2026-7481 Note that Nessus has not tested for this issue but has instead relied only on the application...
Linux Distros Unpatched Vulnerability : CVE-2026-8523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-8544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Fedora 44 : freerdp (2026-1c8efcc330)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1c8efcc330 advisory. Update to 3.26.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Adobe Connect <= 2025.8.157 Multiple Vulnerabilities (APSB26-50)
The version of Adobe Connect installed on the remote host is prior to 2026.01.39. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-50 advisory. - Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-base (UTSA-2026-021388)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021388 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...
Linux Distros Unpatched Vulnerability : CVE-2026-8199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear...
Linux Distros Unpatched Vulnerability : CVE-2026-43476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: chemical: sps30i2c: fix buffer size in sps30i2creadmeas sizeofnum evaluates to sizeofsizet 8 bytes on 64-bit instead of the intended be32 element size 4...
RHEL 10 : libpng (RHSA-2026:17567)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17567 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...
RHEL 8 : firefox (RHSA-2026:17477)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Linux Distros Unpatched Vulnerability : CVE-2026-8542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially...
Fedora 42 : nix (2026-3cfb30c1fb)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3cfb30c1fb advisory. - update to 2.31.5: fixes high GHSA-vh5x-56v6-4368 and moderate GHSA-gr92-w2r5-qw5p -...
Fedora 42 : nano (2026-fbeaecb457)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fbeaecb457 advisory. fix CVE-2026-6842 and CVE-29026-6843 Resolves: CVE-2026-6842 Resolves: CVE-2026-6843 Resolves: rhbz2455127 Resolves: rhbz2455314 Tenable has extract...
Linux Distros Unpatched Vulnerability : CVE-2026-8546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obta...
Linux Distros Unpatched Vulnerability : CVE-2026-44050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow in the CNID daemon commrcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary cod...
Linux Distros Unpatched Vulnerability : CVE-2026-8561
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium...
AlmaLinux 9 : gimp (ALSA-2026:16484)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16484 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...
Linux Distros Unpatched Vulnerability : CVE-2026-43901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5 and earlier,...
GitLab 17.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-1338)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-1338 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
TencentOS Server 4: LibRaw (TSSA-2026:0233)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0233 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Linux Distros Unpatched Vulnerability : CVE-2026-8532
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-8550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially...
Linux Distros Unpatched Vulnerability : CVE-2026-8575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo...
Linux Distros Unpatched Vulnerability : CVE-2026-7210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash...
Linux Distros Unpatched Vulnerability : CVE-2026-8539
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a...
Fedora 44 : SDL2_image (2026-7fe0476df9)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7fe0476df9 advisory. Update to bugfix release 2.8.12. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
GitLab 17.6 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-3073)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Authorization Bypass Through User-Controlled Key in GitLab CVE-2026-3073 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...