338622 matches found
RHEL 9 : golang (RHSA-2026:16498)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16498 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: golang: Go golang and cmd/go: Arbitrary Code Execution via...
MiracleLinux 8 : freerdp-2.11.7-9.el8_10 (AXSA:2026-607:17)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-607:17 advisory. freerdp: FreeRDP: Denial of service due to use-after-free vulnerability CVE-2026-25952 freerdp: FreeRDP: Denial of Service via double free...
Oracle Linux 8 : freerdp (ELSA-2026-16019)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16019 advisory. - Lock appWindow to fix use-after-free in RAIL mode CVE-2026-25952 Resolves: RHEL-159850 - Fix double free in xfrailwindowcommon cleanup CVE-2026-2698...
RHEL 9 : freerdp (RHSA-2026:16483)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16483 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...
RHEL 8 : kernel (RHSA-2026:16204)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16204 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
RHEL 8 : kernel (RHSA-2026:16195)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16195 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
RHEL 8 : kernel-rt (RHSA-2026:16196)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16196 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements...
RHEL 9 : kernel (RHSA-2026:16202)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16202 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50261)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50261 advisory. - xfrm: esp: ipv4: fix up flags setting Greg Kroah-Hartman Orabug: 39344515 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...
RHEL 9 : kernel (RHSA-2026:16312)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16312 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
RHEL 9 : kernel (RHSA-2026:16328)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16328 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
RHEL 8 : kernel (RHSA-2026:16201)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16201 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
RHEL 9 : kernel-rt (RHSA-2026:16203)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16203 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.1.1)
The version of AHV installed on the remote host is prior to AHV-11.0.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.1.1 advisory. - LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50260)
"The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50260 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit Use RCU in ip6xmit in order to use dstdevrcu to...
RHEL 10 : kernel (RHSA-2026:16314)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:16314 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Dirty Frag is a new universal Local...
MiracleLinux 8 : grafana-9.2.10-30.el8_10 (AXSA:2026-603:15)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-603:15 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50262)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50262 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Kuan-Ting Chen Orabug: 39344527 CVE-2026-43284 - x86/CPU/AMD: Add a fix for AMD-SB-7052...
Linux Distros Unpatched Vulnerability : CVE-2026-33243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a...
Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8243-1)
"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8243-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...
Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017500)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017500 advisory. A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If...
Linux Distros Unpatched Vulnerability : CVE-2026-4890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...
Unity Linux 20.1060e / 20.1070e Security Update: gnutls (UTSA-2026-017621)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017621 advisory. A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017439)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017439 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017478)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017478 advisory. A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, usi...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017442)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017442 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.26 and prior. Easily exploitab...
Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017612)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017612 advisory. When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers an...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : CiviCRM vulnerability (USN-8242-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8242-1 advisory. Takuya Aramaki discovered that Smarty, vendored in CiviCRM, did not properly escape JavaScript code. An attacker could possibl...
Unity Linux 20.1060e / 20.1070e Security Update: zstd (UTSA-2026-017635)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017635 advisory. Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permission...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017524)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017524 advisory. A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017602)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017602 advisory. A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017458)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017458 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017789 advisory. HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...
Unity Linux 20.1070e Security Update: jetty (UTSA-2026-017459)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017459 advisory. For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not...
Linux Distros Unpatched Vulnerability : CVE-2026-44777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordinary module loader recurses without cycle detection when two otherwise valid modules inclu...
Debian dla-4576 : p7zip - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4576 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4576-1 [email protected]...
Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017656 advisory. A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that...
Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017573)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017573 advisory. Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpipowm, and...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017510)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017510 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017758)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017758 advisory. Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. I...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8254-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8254-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
Unity Linux 20.1060e / 20.1070e Security Update: fetchmail (UTSA-2026-017438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017438 advisory. Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. Tenable has extracted...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017767)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017767 advisory. Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. I...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017734)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017734 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017685)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017685 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017603)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017603 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
macOS 15.x < 15.7.7 Multiple Vulnerabilities (127116)
The remote host is running a version of macOS / Mac OS X that is 15.x prior to 15.7.7. It is, therefore, affected by multiple vulnerabilities: - A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sonoma...
Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017492)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017492 advisory. An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pygments (UTSA-2026-017493)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017493 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponentia...