338622 matches found
Oracle Linux 10 : openexr (ELSA-2026-15888)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-15888 advisory. 3.1.10-8.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...
MiracleLinux 9 : systemd-252-55.el9_7.9.ML.1 (AXSA:2026-609:06)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-609:06 advisory. systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data CVE-2026-29111 Tenable has extracted the preceding description...
MiracleLinux 9 : openexr-3.1.1-3.el9_7.2 (AXSA:2026-604:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-604:03 advisory. OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVE-2026-34588 Tenable has extracted the preceding description bloc...
Slackware Linux 15.0 / current expat Vulnerability (SSA:2026-132-01)
The version of expat installed on the remote host is prior to 2.7.5 / 2.8.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-132-01 advisory. New expat packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...
Adobe Media Encoder < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-47) (macOS)
The version of Adobe Media Encoder installed on the remote macOS host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-47 advisory. - Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound...
Linux Distros Unpatched Vulnerability : CVE-2026-42257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands...
RHEL 10 : openexr (RHSA-2026:15888)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15888 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents...
KB5087541: Windows Server version 23H2 Security Update (May 2026)
The remote Windows host is missing security update 5087541. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow in Windows Netlogon...
Fortinet FortiManager DoS due to unsafe function in signal handler (FG-IR-26-137)
The version of FortiManager installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-137 advisory. - A use of potentially Dangerous Function vulnerability CWE-676 in FortiAnalyzer and FortiManager API may allow an...
Security Updates for Microsoft Office Products (May 2026) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the may-12-2026 advisory. - Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-40367 - Use after free...
Security Updates for Microsoft Office Online Server (May 2026)
The Microsoft Office Online Server or Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 -...
KB5087539: Windows Server 2025 Security Update (May 2026)
The remote Windows host is missing security update 5087539 or hotpatch 5087423. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow...
IBM MQ 9.1 < 9.1.0.34 LTS / 9.2 < 9.2.0.41 LTS / 9.3 < 9.3.0.37 LTS / 9.3 < 9.4.5.0 CD / 9.4 LTS / 9.4.5.0 (7269378)
The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7269378 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that...
Security Updates for Microsoft Word Products (May 2026)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-40364 - Use after free in...
MiracleLinux 9 : glib2-2.68.4-18.el9_7.2 (AXSA:2026-608:06)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-608:06 advisory. glib: GLib: Buffer underflow in GVariant parser leads to heap corruption CVE-2025-14087 glib: Integer Overflow in GLib GIO Attribute Escaping Causes...
Fedora 45 : proftpd (2026-c8173d7dcd)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c8173d7dcd advisory. Automatic update for proftpd-1.3.9a-2.fc45. Changelog Mon May 11 2026 Paul Howarth - 1.3.9a-2 - Additional escaping for avoidance of SQL injection...
Mozilla Firefox < 150.0.3
The version of Firefox installed on the remote Windows host is prior to 150.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-45 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3. CVE-2026-8401 -...
Fortinet FortiAnalyzer DoS due to unsafe function in signal handler (FG-IR-26-137)
The version of FortiAnalyzer installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-137 advisory. - A use of potentially Dangerous Function vulnerability CWE-676 in FortiAnalyzer and FortiManager API may allow an...
Adobe Media Encoder < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-47)
The version of Adobe Media Encoder installed on the remote Windows host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-47 advisory. - Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound...
Security Updates for Microsoft SharePoint Server 2019 (May 2026)
The Microsoft SharePoint 2019 Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution CVE-2026-33112, CVE-2026-33110, CVE-2026-35439, CVE-2026-40357, CVE-2026-40365, CVE-2026-40367, CVE-2026-40368,...
Fedora 44 : firefox / nss (2026-6bdf499f6b)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-6bdf499f6b advisory. Update NSS to 3.122.2 Update to Firefox 150.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
KB5087544: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (May 2026)
The remote Windows host is missing security update 5087544. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. CVE-2026-34329 - Heap-based buffer overflow in Windo...
Fedora 45 : dnsmasq (2026-e58a6acf77)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e58a6acf77 advisory. Automatic update for dnsmasq-2.92rel2-9.fc45. Changelog Tue May 12 2026 Petr Menk - 2.92rel2-9 - Update to 2.92rel2 rhbz2469245 Mon Apr 20 2026 Petr Menk -...
Fedora 43 : chromium (2026-f4e92d8d66)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f4e92d8d66 advisory. Update to 148.0.7778.96 CVE-2026-7896: Integer overflow in Blink CVE-2026-7897: Use after free in Mobile CVE-2026-7898: Use after free in Chromoting...
Security Updates for Microsoft SharePoint Server Subscription Edition (May 2026)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution CVE-2026-33112, CVE-2026-33110, CVE-2026-35439, CVE-2026-40357, CVE-2026-40368, CVE-2026-45659 Note tha...
KB5087538: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2026)
The remote Windows host is missing security update 5087538. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...
Adobe After Effects < 25.6.5 / 26.0 < 26.2 Multiple Arbitrary code execution (APSB26-48)
The version of Adobe After Effects installed on the remote Windows host is prior to 25.6.5, 26.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-48 advisory. - After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow...
Fedora 43 : firefox / nss (2026-8978a60b68)
The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-8978a60b68 advisory. Update NSS to 3.122.2 Updated to Firefox 150.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Oracle Linux 10 : glib2 (ELSA-2026-15969)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-15969 advisory. - Fix CVE-2025-14087 and CVE-2025-14512 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
MiracleLinux 8 : glib2-2.56.4-169.el8_10 (AXSA:2026-606:05)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-606:05 advisory. glib: GLib: Buffer underflow in GVariant parser leads to heap corruption CVE-2025-14087 glib: Integer Overflow in GLib GIO Attribute Escaping Causes...
MiracleLinux 8 : resource-agents-4.9.0-54.el8_10.33 (AXSA:2026-602:05)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-602:05 advisory. pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion CVE-2026-30922 Tenable has extracted the preceding description block directly from the...
Fortinet Fortigate Out-of-bounds access in CAPWAP daemon (FG-IR-26-123)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-26-123 advisory. - An Out-Of-Bounds Write vulnerability CWE-787 in FortiOS capwap daemon may allow an attacker controlling an authenticated...
KB5087420: Windows 11 version 23H2 Security Update (May 2026)
The remote Windows host is missing security update 5087420. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Use after free in Windows Hyper-V allows an...
Security Updates for Microsoft Office Products (May 2026)
The Microsoft Office Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-40358 - Heap-based buffer overflow in Microsoft Office allows an...
KB5089548: Windows 11 Version 26H1 Security Update (May 2026)
The remote Windows host is missing security update 5089548. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow in Windows Win32K -...
IBM MQ 9.1 < 9.1.0.34 LTS / 9.2 < 9.2.0.41 LTS / 9.3 < 9.3.0.37 LTS / 9.3 < 9.4.5.1 CD / 9.4 LTS RCE (7271933)
The version of IBM MQ Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7271933 advisory. - IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal...
Adobe Illustrator < 29.8.7 / 30.0 < 30.4 Multiple Vulnerabilities (APSB26-51)
The version of Adobe Illustrator installed on the remote Windows host is prior to 29.8.7, 30.4. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-51 advisory. - Illustrator versions 29.8.6, 30.3 and earlier are affected by a Heap-based Buffer Overflow vulnerabilit...
Security Updates for Microsoft Excel Products (May 2026)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 - Heap-based buffer overflow in Microsoft Office Excel allows a...
FreeBSD : dnsmasq -- multiple vulnerabilities (eeb4d69a-4d74-11f1-9a9c-994b98c88011)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the eeb4d69a-4d74-11f1-9a9c-994b98c88011 advisory. Simon Kelley reports: Today, 11th May 2026 CERT is releasing a set of six CVEs for serious...
Apache Tomcat 9.0.0.M1 < 9.0.118 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 9.0.118. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.118security-9 advisory. - DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. Th...
Fedora 42 : firefox / nss (2026-6acccc3bff)
The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-6acccc3bff advisory. Update NSS to 3.122.2 Update to Firefox 150.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...
RHEL 9 : openssh (RHSA-2026:16059)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16059 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files...
Adobe Premiere Pro < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-46) (macOS)
The version of Adobe Premiere Pro installed on the remote macOS host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-46 advisory. - Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that...
Linux Distros Unpatched Vulnerability : CVE-2026-7010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and U...
KB5087545: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (May 2026)
The remote Windows host is missing security update 5087545 or hotpatch 5087424. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Use after free in Windows Hyper...
Adobe Premiere Pro < 25.6.5 / 26.0.0 < 26.2.0 Multiple Arbitrary code execution (APSB26-46)
The version of Adobe Premiere Pro installed on the remote Windows host is prior to 25.6.5, 26.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-46 advisory. - Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected by a Use After Free vulnerability that...
Mozilla Firefox < 150.0.3
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-45 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3...
Debian dsa-6265 : exim4 - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6265 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6265-1 [email protected]...
Security Updates for Microsoft SharePoint Server 2016 (May 2026)
The Microsoft SharePoint 2016 Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Remote Code Execution CVE-2026-33112, CVE-2026-33110, CVE-2026-35439, CVE-2026-40357, CVE-2026-40365, CVE-2026-40367, CVE-2026-40368,...
KB5087537: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2026)
The remote Windows host is missing security update 5087537. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...