338622 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-25887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in mgresolvefromhostsfile in Mongoose 6.18, when reading from a crafted hosts file. CVE-2020-25887 Note that Nessus relies on the presence of th...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017671 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.22 and prior. Easily exploitab...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017771)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017771 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.21 and prior. Difficult to exploit...
Linux Distros Unpatched Vulnerability : CVE-2026-5245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler...
Linux Distros Unpatched Vulnerability : CVE-2026-43894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017647 advisory. A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage in the MagickCore/colorspace.c may trigger undefined behavi...
Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017783 advisory. Memory leak in the H5Ochunkdeserialize function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service memory consumption...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017717)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017717 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: FTS. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017772)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017772 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: openvpn (UTSA-2026-017760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017760 advisory. An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017594)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017594 advisory. libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command li...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017748)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017748 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Federated. Supported versions that are affected are 8.0.25 and prior. Easily exploitable...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Coin3D vulnerabilities (USN-8241-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8241-1 advisory. It was discovered that Expat, vendored in Coin3D incorrectly handled certain files. An attacker could possibly use this issue to...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017447)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017447 advisory. The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunk...
RHEL 9 : skopeo (RHSA-2026:15941)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15941 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017507)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017507 advisory. curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017535 advisory. curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets...
Linux Distros Unpatched Vulnerability : CVE-2026-33243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the corresponding backport to 2025.09.3, an attacker could exploit a...
Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8258-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8258-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the...
Unity Linux 20.1060e / 20.1070e Security Update: ruby (UTSA-2026-017539)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017539 advisory. In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. Tenable has...
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-puma (UTSA-2026-017528)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017528 advisory. In Puma RubyGem before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If th...
Unity Linux 20.1060e / 20.1070e Security Update: util-linux (UTSA-2026-017413)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017413 advisory. An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a...
Unity Linux 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-017581)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017581 advisory. Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum...
Unity Linux 20.1070e Security Update: jetty (UTSA-2026-017459)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017459 advisory. For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017789 advisory. HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...
Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017692)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017692 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c. Tenable has extracted the...
Unity Linux 20.1060e / 20.1070e Security Update: redis (UTSA-2026-017631)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017631 advisory. Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could b...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Postfix vulnerability (USN-8253-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8253-1 advisory. Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes. A remote attacker could possibly use...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017718)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017718 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easily...
MiracleLinux 9 : java-17-openjdk-17.0.19.0.10-2.el9.ML.1 (AXSA:2026-599:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-599:08 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...
Unity Linux 20.1060e / 20.1070e Security Update: fetchmail (UTSA-2026-017438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017438 advisory. Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. Tenable has extracted...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017592)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017592 advisory. A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8254-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8254-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
MiracleLinux 8 : corosync-3.1.8-1.el8_10.1 (AXSA:2026-593:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-593:02 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017623)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017623 advisory. In RestoreMSCWarning of /coders/pdf.c there are several areas where calls to GetPixelIndex could result in values outside the range of representable for the unsigned...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017597)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017597 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017542)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017542 advisory. A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity XXE...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017739)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017739 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017773)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017773 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017561)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017561 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDLwave.c. Tenable has extracted the preceding...
Unity Linux 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-017435)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017435 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a malicious server might trigger out of...
Unity Linux 20.1060e / 20.1070e Security Update: libgit2 (UTSA-2026-017579)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017579 advisory. An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017563)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017563 advisory. A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior...
Unity Linux 20.1060e / 20.1070e Security Update: haproxy (UTSA-2026-017416)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017416 advisory. An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It can lead to a situation with an attacker-controlled HTTP Host heade...
Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017503)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017503 advisory. A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to creat...
Unity Linux 20.1060e / 20.1070e Security Update: postgresql (UTSA-2026-017576)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017576 advisory. A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017585)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017585 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-017541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017541 advisory. An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it...
Unity Linux 20.1060e / 20.1070e Security Update: git (UTSA-2026-017630)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017630 advisory. Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Vim vulnerabilities (USN-8246-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8246-1 advisory. Micha Majchrowicz discovered that Vims zip plugin could overwrite arbitrary files. An attacker could possibly use this...