338622 matches found
Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2026-113 (ALASDOCKER-2026-113)
The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-113 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overfl...
Amazon Linux 2 : runc, --advisory ALAS2DOCKER-2026-116 (ALASDOCKER-2026-116)
The version of runc installed on the remote host is prior to 1.3.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-116 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...
Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-117 (ALASDOCKER-2026-117)
The version of runfinch-finch installed on the remote host is prior to 1.17.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-117 advisory. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination ...
RHEL 10 : gvisor-tap-vsock (RHSA-2026:17084)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17084 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp,...
Linux Distros Unpatched Vulnerability : CVE-2026-43483
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM...
MiracleLinux 8 : dovecot-2.3.16-7.el8_10 (AXSA:2026-611:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-611:02 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via craft...
MiracleLinux 8 : kernel-4.18.0-553.123.1.el8_10 (AXSA:2026-612:33)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-612:33 advisory. kernel: nvme: avoid double free special payload CVE-2024-41073 kernel: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpae...
AlmaLinux 9 : thunderbird (ALSA-2026:15892)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScrip...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS Software allows an...
AlmaLinux 8 : libtiff (ALSA-2026:16055)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16055 advisory. libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 Tenable has extracted the...
RHEL 8 : freerdp (RHSA-2026:16814)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16814 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
CentOS 9 : glib2-2.68.4-20.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the glib2-2.68.4-20.el9 build changelog. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service ...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS software allow an unauthenticated attacker with...
Alibaba Cloud Linux 3 : 0001: kernel-hotfix (ALINUX3-HOTFIX-SA-2026:0001)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-HOTFIX-SA-2026:0001 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-43284: In the Linux kernel, the...
Linux Distros Unpatched Vulnerability : CVE-2026-43485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nouveau/gsp: drop WARNON in ACPI probes These WARNONs seem to trigger a lot, and we don't seem to have a plan to fix them, so just drop them, as they are most...
Linux Distros Unpatched Vulnerability : CVE-2026-43384
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/tcp-ao: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for...
RHEL 9 : freerdp (RHSA-2026:16865)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16865 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
Linux Distros Unpatched Vulnerability : CVE-2026-43457
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb...
Palo Alto Networks PAN-OS 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS software allows an unauthenticated...
Photon OS 5.0: Linux PHSA-2026-5.0-0846
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0846. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Unity Linux 20.1050e / 20.1070e Security Update: golang (UTSA-2026-017806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017806 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. Tenable has extracted the preceding description block directly from t...
RHEL 9 : golang (RHSA-2026:16497)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16497 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: golang: Go golang and cmd/go: Arbitrary Code Execution via...
Linux Distros Unpatched Vulnerability : CVE-2026-43461
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in amlsfcdmabuffersetu...
Fedora 45 : docker-buildkit (2026-7ac27ae1d0)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7ac27ae1d0 advisory. Automatic update for docker-buildkit-0.30.0-1.fc45. Changelog Wed May 13 2026 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves CVE-2026-3998...
RHEL 8 : freerdp (RHSA-2026:16777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16777 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
RHEL 9 : freerdp (RHSA-2026:16866)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16866 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
AlmaLinux 10 : libpng (ALSA-2026:14790)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14790 advisory. libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-33636 Tenable has extracted the...
RHEL 8 : go-toolset:rhel8 (RHSA-2026:16697)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16697 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: cmd/go: golang: Go golang...
Linux Distros Unpatched Vulnerability : CVE-2026-43484
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in...
RHEL 9 : podman (RHSA-2026:16702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16702 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 10 : podman (RHSA-2026:17040)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17040 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...
AlmaLinux 10 : glib2 (ALSA-2026:15969)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:15969 advisory. glib: GLib: Buffer underflow in GVariant parser leads to heap corruption CVE-2025-14087 glib: Integer Overflow in GLib GIO Attribute Escaping Causes Hea...
Unity Linux 20.1070e Security Update: golang (UTSA-2026-017807)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017807 advisory. SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass. Tenable...
RHEL 9 : freerdp (RHSA-2026:16482)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16482 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN- OS software...
RHEL 10 : python3.12 (RHSA-2026:16699)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16699 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Linux Distros Unpatched Vulnerability : CVE-2026-43377
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A server-side request forgery SSRF vulnerability in the IKEv2 implementation of Palo Alto Networks PAN- OS software allo...
AlmaLinux 10 : freerdp (ALSA-2026:16014)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16014 advisory. freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect CVE-2026-25997 freerdp: FreeRDP: Denial of service due to use-after-fr...
RHEL 8 : go-toolset:rhel8 (RHSA-2026:16694)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16694 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: cmd/go: golang: Go golang...
RHEL 10 : fence-agents (RHSA-2026:17083)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17083 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...
RockyLinux 9 : thunderbird (RLSA-2026:15892)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:15892 advisory. firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScri...
CentOS 9 : sssd-2.9.9-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.9-1.el9 build changelog. - out-of-bounds read in the sssd CVE-2026-6245 Note that Nessus has not tested for this issue but has instead relied only on the application's...
Linux Distros Unpatched Vulnerability : CVE-2026-43481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether th...
Linux Distros Unpatched Vulnerability : CVE-2026-43399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/userq: Fix reference leak in amdgpuuserqwaitioctl Drop reference to syncobj and timeline fence when aborting the ioctl due output array being too...
Linux Distros Unpatched Vulnerability : CVE-2026-43285
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when...
Linux Distros Unpatched Vulnerability : CVE-2026-43323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his...
Linux Distros Unpatched Vulnerability : CVE-2026-43391
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not...
Linux Distros Unpatched Vulnerability : CVE-2026-43324
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy- hcd driver. The error has a somewhat involved history...
RHEL 9 : jq (RHSA-2026:16693)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16693 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...