337960 matches found
Jenkins LTS < 2.555.3 / Jenkins weekly < 2.568 Multiple Vulnerabilities
According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.555.3 or Jenkins weekly prior to 2.568. It is, therefore, affected by multiple vulnerabilities: - Jenkins 2.483 through 2.567 both inclusive, LTS 2.492.1 through...
EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2321)
According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...
openSUSE 16 Security Update : postgresql-jdbc (openSUSE-SU-2026:20847-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20847-1 advisory. This update for postgresql-jdbc fixes the following issue - CVE-2026-42198: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication...
Linux Distros Unpatched Vulnerability : CVE-2026-49839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow CVE-2026-49839 CVE-2026-49839 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2026-52907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rockchip: rkcif: fix off by one bugs Change these comparisons from vs = to avoid accessing one element beyond the end of the arrays. While at it, use...
EulerOS 2.0 SP13 : libgcrypt (EulerOS-SA-2026-2339)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
Splunk Enterprise 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0603)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0603 advisory. - In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14,...
EulerOS 2.0 SP13 : libgcrypt (EulerOS-SA-2026-2296)
According to the versions of the libgcrypt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to...
EulerOS 2.0 SP13 : firewalld (EulerOS-SA-2026-2329)
According to the versions of the firewalld packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setter...
EulerOS 2.0 SP13 : python-pip (EulerOS-SA-2026-2353)
According to the versions of the python-pip packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename when...
EulerOS 2.0 SP13 : libtiff (EulerOS-SA-2026-2343)
According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile...
Linux Distros Unpatched Vulnerability : CVE-2026-34181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: The PKCS12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 PBMAC1...
Linux Distros Unpatched Vulnerability : CVE-2026-35188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the statusrequest extension, triggering a double-free i...
EulerOS 2.0 SP13 : glib-networking (EulerOS-SA-2026-2332)
According to the versions of the glib-networking package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in glib-networking. A malicious Transport Layer Security TLS server can exploit an out- of-bounds read and invalid free...
EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2330)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...
Linux Distros Unpatched Vulnerability : CVE-2026-11837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown...
Linux Distros Unpatched Vulnerability : CVE-2026-46305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded...
Linux Distros Unpatched Vulnerability : CVE-2026-46328
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit. Refactor the code so its clear when what code ...
Linux Distros Unpatched Vulnerability : CVE-2026-46297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: libwx: use requestirq for VF misc interrupt Currently, requestthreadedirq is used with a primary handler but a NULL threaded handler, while also setting th...
Linux Distros Unpatched Vulnerability : CVE-2026-41854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a...
EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2026-2337)
According to the versions of the libarchive packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata processing...
EulerOS 2.0 SP13 : glibc (EulerOS-SA-2026-2333)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width...
RHEL 8 : flatpak (RHSA-2026:25068)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25068 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...
EulerOS 2.0 SP13 : binutils (EulerOS-SA-2026-2280)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd linker, allows a...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass...
RHEL 9 : mod_http2 (RHSA-2026:25057)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25057 advisory. The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: HTTP/2: Remote...
Linux Distros Unpatched Vulnerability : CVE-2026-11793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stac...
Linux Distros Unpatched Vulnerability : CVE-2026-7186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing...
Linux Distros Unpatched Vulnerability : CVE-2026-9549
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored cross-site scripting in the service discovery active check output in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator...
FreeBSD : Elixir -- Denial of service via unbounded integer parsing in Version (45accfb8-56e4-41b7-8463-572ce643fde0)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 45accfb8-56e4-41b7-8463-572ce643fde0 advisory. PJUllrich reports: The Version module parses numeric version components without length limits. Untruste...
EulerOS 2.0 SP13 : curl (EulerOS-SA-2026-2326)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl can in some circumstances reuse the wrong connection when asked to dox000D an Negotiate-authenticated HTTP or HTTPS request.x000D x000D...
Linux Distros Unpatched Vulnerability : CVE-2025-55651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gfisomgetuserdatacount function isomedia/isomread.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-2275)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating out-of-placeCVE-2026-31431 Tenable has...
CentOS 9 : libsolv-0.7.24-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libsolv-0.7.24-6.el9 build changelog. - A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker- controlled compressed data within .solv files...
EulerOS 2.0 SP13 : systemd (EulerOS-SA-2026-2358)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.CVE-2026-40226 A flaw was...
Linux Distros Unpatched Vulnerability : CVE-2026-46332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packet...
Linux Distros Unpatched Vulnerability : CVE-2026-46310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the clean...
EulerOS 2.0 SP13 : nghttp2 (EulerOS-SA-2026-2303)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
EulerOS 2.0 SP13 : ncurses (EulerOS-SA-2026-2302)
According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyzestring in progs/infocmp.c.CVE-2025-69720...
EulerOS 2.0 SP13 : git (EulerOS-SA-2026-2288)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2350)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP13 : libsoup (EulerOS-SA-2026-2341)
According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in...
openSUSE 15: azure-cli / azure-cli-core / azure-cli-telemetry / python311-anyio / etc (SUSE-SU-SUSE-RU-2026:2237-2)
"The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2026:2237-2 advisory. Changes in azure-cli-core: - Drop CVE-2025-24049 patch, fixed upstream - New upstream release - Version 2.82.0 - For detailed information...
EulerOS 2.0 SP13 : openssh (EulerOS-SA-2026-2305)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a...
Linux Distros Unpatched Vulnerability : CVE-2026-42771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: When the X509VERIFYPARAMset1email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an...
EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2357)
According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0605)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0605 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...
EulerOS 2.0 SP13 : NetworkManager (EulerOS-SA-2026-2320)
According to the versions of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allow...
EulerOS 2.0 SP13 : mesa (EulerOS-SA-2026-2301)
According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...