338622 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-44064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited information or cause a deni...
Linux Distros Unpatched Vulnerability : CVE-2026-8510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an ou...
Linux Distros Unpatched Vulnerability : CVE-2026-42934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When charset, sourcecharset, and charsetmap and proxypass with disable...
Linux Distros Unpatched Vulnerability : CVE-2026-8525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HT...
TencentOS Server 4: kernel (TSSA-2026:0313)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0313 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
RockyLinux 8 : krb5 (RLSA-2026:16799)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NUL...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021410)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021410 advisory. GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...
AlmaLinux 10 : yggdrasil (ALSA-2026:17075)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:17075 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...
Fedora 44 : kernel / kernel-headers (2026-4462efc052)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-4462efc052 advisory. The 7.0.6 stable kernel update contains a number of important fixes across the tree. It also contains a fix for the Fragnesia CVE-2026-46300 Tenable has...
ImageMagick < 6.9.13-46 / 7.x < 7.1.2-21 Stack Buffer Overflow
The remote host has a version of ImageMagick installed that is prior to 6.9.13-46 or 7.x prior to 7.1.2-21. It is, therefore, affected by a stack buffer overflow vulnerability: - A malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to...
Linux Distros Unpatched Vulnerability : CVE-2026-8555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-8529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video...
Google Chrome < 148.0.7778.167 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.167. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop12 advisory. - Use after free in Extensions in Google Chrome on Mac prior to...
Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-115 (ALASDOCKER-2026-115)
The version of oci-add-hooks installed on the remote host is prior to 0-0.9.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-115 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or...
Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2025-031)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-031 advisory. NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A...
Linux Distros Unpatched Vulnerability : CVE-2026-6472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including...
RHEL 8 : PackageKit (RHSA-2026:17561)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17561 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architectu...
Linux Distros Unpatched Vulnerability : CVE-2026-7837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A time-of-check time-of-use TOCTOU condition in the adflush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a...
Linux Distros Unpatched Vulnerability : CVE-2026-45355
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - netatalk - None Ubuntu Linux - security update CVE-2026-45355 Note that Nessus relies on the presence of the package as reported by the vendor...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-good (UTSA-2026-021392)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021392 advisory. GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affecte...
Linux Distros Unpatched Vulnerability : CVE-2026-8531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-44248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the MQTT 5 header Properties section is parsed an...
Fedora 44 : chromium (2026-1aa7b8b515)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1aa7b8b515 advisory. Update to 148.0.7778.96 CVE-2026-7896: Integer overflow in Blink CVE-2026-7897: Use after free in Mobile CVE-2026-7898: Use after free in Chromoting...
GitLab 11.10 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-4527)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Cross-Site Request Forgery CSRF in GitLab CVE-2026-4527 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 8090...
RHEL 10 : openexr (RHSA-2026:17656)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:17656 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents...
Debian dsa-6268 : ffmpeg - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6268 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6268-1 [email protected] https://www.debian.org/security/ Moritz...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-021390)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021390 advisory. GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affect...
Debian dsa-6271 : gsasl - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6271 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 [email protected] https://www.debian.org/security/...
Linux Distros Unpatched Vulnerability : CVE-2026-45354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - netatalk - None Ubuntu Linux - security update CVE-2026-45354 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-8524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...
Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-102 (ALASNITRO-ENCLAVES-2026-102)
The version of runc installed on the remote host is prior to 1.3.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-102 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...
Linux Distros Unpatched Vulnerability : CVE-2026-8546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obta...
Linux Distros Unpatched Vulnerability : CVE-2026-8542
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially...
Fedora 42 : nix (2026-3cfb30c1fb)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3cfb30c1fb advisory. - update to 2.31.5: fixes high GHSA-vh5x-56v6-4368 and moderate GHSA-gr92-w2r5-qw5p -...
Linux Distros Unpatched Vulnerability : CVE-2026-44050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow in the CNID daemon commrcv function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to execute arbitrary cod...
RockyLinux 10 : kernel (RLSA-2026:16062)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:16062 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...
Linux Distros Unpatched Vulnerability : CVE-2026-8558
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-8586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretionary access control via a...
Linux Distros Unpatched Vulnerability : CVE-2026-44068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete sanitization of extended attribute EA path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to files outsid...
RockyLinux 9 : freerdp (RLSA-2026:16482)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16482 advisory. freerdp: FreeRDP: Denial of service due to use-after-free vulnerability CVE-2026-25952 freerdp: FreeRDP: Denial of Service via double free vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-8389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3. CVE-2026-8389 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2026-8569
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted...
RHEL 8 : firefox (RHSA-2026:17477)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:17477 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Adobe Connect <= 2025.8.157 Multiple Vulnerabilities (APSB26-50)
The version of Adobe Connect installed on the remote host is prior to 2026.01.39. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-50 advisory. - Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data...
Linux Distros Unpatched Vulnerability : CVE-2026-44056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited...
RockyLinux 8 : gimp:2.8 (RLSA-2026:17533)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:17533 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...
Linux Distros Unpatched Vulnerability : CVE-2026-44471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit...
Linux Distros Unpatched Vulnerability : CVE-2026-8554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out...
Linux Distros Unpatched Vulnerability : CVE-2026-42577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP...
Linux Distros Unpatched Vulnerability : CVE-2026-42578
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT...