338622 matches found
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017736)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017736 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: tar (UTSA-2026-017517)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017517 advisory. A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017607)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017607 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017646)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017646 advisory. A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a craft...
Oracle Linux 8 : glib2 (ELSA-2026-15953)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-15953 advisory. 2.68.4-169 - Add patch for CVE-2025-14087 and CVE-2025-14512 Tenable has extracted the preceding description block directly from the Oracle Linux...
Linux Distros Unpatched Vulnerability : CVE-2019-19307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in parsemqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS infinite loop, or possibly cause an out-of-boun...
Unity Linux 20.1070e Security Update: postgresql (UTSA-2026-017752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017752 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject...
Unity Linux 20.1060e / 20.1070e Security Update: nss (UTSA-2026-017618)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017618 advisory. A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. Thi...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017737 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior. Easily...
Unity Linux 20.1060e / 20.1070e Security Update: gnutls (UTSA-2026-017621)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017621 advisory. A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...
RHEL 9 : openexr (RHSA-2026:15887)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15887 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...
MiracleLinux 9 : freeipmi-1.6.17-1.el9_7 (AXSA:2026-584:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-584:01 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the MiracleLin...
macOS 26.x < 26.5 Multiple Vulnerabilities (127115)
The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.5. It is, therefore, affected by multiple vulnerabilities: - A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitializ...
Unity Linux 20.1070e Security Update: batik (UTSA-2026-017788)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017788 advisory. Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the xlink:href attributes. By using a specially-crafted argument, a...
Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017613 advisory. The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can ...
Unity Linux 20.1070e Security Update: maven (UTSA-2026-017745)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017745 advisory. Apache Maven will follow repositories that are defined in a dependencys Project Object Model pom which may be surprising to some users, resulting in potential risk i...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-017483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017483 advisory. Pillow before 8.1.2 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for an IC...
Unity Linux 20.1060e / 20.1070e Security Update: nodejs (UTSA-2026-017558)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017558 advisory. Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017535 advisory. curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets...
Unity Linux 20.1060e / 20.1070e Security Update: c-ares (UTSA-2026-017414)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017414 advisory. A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017680)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017680 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...
FreeBSD : dash -- arith: INTMAX_MIN / -1 overflow (ab2258a2-4cea-11f1-aec8-bc241107513d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ab2258a2-4cea-11f1-aec8-bc241107513d advisory. https://git.kernel.org/pub/scm/utils/dash/dash.git/commit/?id=0034bfe185d3d875cebace8cb3ca5c9dabf9e0f3...
Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017409)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017409 advisory. An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017748)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017748 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 8.0.25 and prior. Easily exploitable...
RHEL 8 : LibRaw (RHSA-2026:15924)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:15924 advisory. LibRaw is a library for reading RAW files obtained from digital photo cameras CRW/CR2, NEF, RAF, DNG, and others. Security Fixes: LibRaw: LibRaw:...
Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017624)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017624 advisory. BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default setting...
Unity Linux 20.1060e / 20.1070e Security Update: libgcrypt (UTSA-2026-017437)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017437 advisory. The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous...
Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017498)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017498 advisory. Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile aka libaudiofile and Audio File Library 0.3.6 allows remote attackers to have...
Unity Linux 20.1070e Security Update: redis6 (UTSA-2026-017741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017741 advisory. Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua...
Unity Linux 20.1070e Security Update: opensc (UTSA-2026-017704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017704 advisory. The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit. Tenable has extracted the...
RHEL 10 : glib2 (RHSA-2026:15969)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15969 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : OWSLib vulnerability (USN-8247-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8247-1 advisory. It was discovered that OWSLib did not properly disable entity resolution within its XML parser. An attacker could possibly use...
Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017609)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017609 advisory. In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device i...
Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017642)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017642 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2...
Unity Linux 20.1060e / 20.1070e Security Update: bind (UTSA-2026-017490)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017490 advisory. In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versio...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017567)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017567 advisory. A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion i...
Linux Distros Unpatched Vulnerability : CVE-2025-65502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Null pointer dereference in addcacerts in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017445)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017445 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.35 and prior and 8.0.26 and prior. Easily...
Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-017533)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017533 advisory. Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connectio...
Linux Distros Unpatched Vulnerability : CVE-2026-43896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jvobjectmergerecursive allows a crafted jq program to crash the process with a...
Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-017546)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017546 advisory. Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. Tenable has extracted the preceding description block directly from t...
Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017616)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017616 advisory. The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017545)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017545 advisory. WriteOnePNGImage from coders/png.c the PNG coder has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017709)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017709 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior a...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017460)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017460 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017691)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017691 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017798)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017798 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017786)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017786 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017652)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017652 advisory. Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with...
Linux Distros Unpatched Vulnerability : CVE-2026-8275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in bettercap up to 2.41.5. Affected by this vulnerability is the function ippReadChunkedBody of the file...