337863 matches found
EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2278)
According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...
RHEL 9 : thunderbird (RHSA-2026:24844)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24844 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ES...
EulerOS 2.0 SP13 : binutils (EulerOS-SA-2026-2323)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of- bounds read in the bfd linker, allows a...
Linux Distros Unpatched Vulnerability : CVE-2026-34181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: The PKCS12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 PBMAC1...
EulerOS 2.0 SP13 : bind (EulerOS-SA-2026-2279)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
EulerOS 2.0 SP13 : bind (EulerOS-SA-2026-2322)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
EulerOS 2.0 SP13 : glibc (EulerOS-SA-2026-2290)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width...
EulerOS 2.0 SP13 : expat (EulerOS-SA-2026-2328)
According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.CVE-2026-32778...
EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2287)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...
EulerOS 2.0 SP13 : python-pygments (EulerOS-SA-2026-2355)
According to the versions of the python-pygments packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file...
EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2321)
According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...
Linux Distros Unpatched Vulnerability : CVE-2026-11793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stac...
Linux Distros Unpatched Vulnerability : CVE-2026-46278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/imagination: Fix segfault when updating ftrace mask Fix invalid data access by passing right data for debugfs entry. 171.549793 Unable to handle kernel NULL...
Linux Distros Unpatched Vulnerability : CVE-2026-46281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d mm/vmalloc: allow to set node and align in vrealloc added the ability to force a new...
Linux Distros Unpatched Vulnerability : CVE-2026-52905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: disallow non-power of two minregionsz on damonstart Commit d8f867fa0825 mm/damon: add damonctx-minszregion introduced a bug that allows unaligned...
Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0606)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0606 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...
Linux Distros Unpatched Vulnerability : CVE-2026-8833
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an...
Linux Distros Unpatched Vulnerability : CVE-2026-34180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer...
Linux Distros Unpatched Vulnerability : CVE-2026-7383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2350)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
EulerOS 2.0 SP13 : polkit (EulerOS-SA-2026-2307)
According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...
Linux Distros Unpatched Vulnerability : CVE-2026-34183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A...
Linux Distros Unpatched Vulnerability : CVE-2026-11696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain...
Linux Distros Unpatched Vulnerability : CVE-2026-41845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape may lead to JavaScript code injection in the browser, potentially resulting in a cross-si...
Linux Distros Unpatched Vulnerability : CVE-2026-46320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both...
FreeBSD : Unbound -- Multiple vulnerabilities (72e5b334-6365-11f1-8c57-000af7b98cf6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 72e5b334-6365-11f1-8c57-000af7b98cf6 advisory. NLnet Labs reports: This release consolidates security fixes for issues reported over a period...
Security Updates for Microsoft SharePoint Server 2016 (June 2026)
The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attack...
Fedora 44 : exim (2026-78bf093219)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-78bf093219 advisory. This is an update fixing a pre-authentication information disclosure CVE-2026-48840. Tenable has extracted the preceding description block directly from the...
Linux Distros Unpatched Vulnerability : CVE-2026-42536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: fro...
Fedora 43 : objfw (2026-d1580bc2d5)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d1580bc2d5 advisory. Update to 1.5.5, containing many bug fixes, some also security related. Tenable has extracted the preceding description block directly from the Fedora securi...
KB5094122: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2026)
The remote Windows host is missing security update 5094122. It is, therefore, affected by multiple vulnerabilities - Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVE-2026-47291 - Heap-based buffer overflow in Remote Desktop...
EulerOS 2.0 SP11 : protobuf (EulerOS-SA-2026-2260)
According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypasse...
Linux Distros Unpatched Vulnerability : CVE-2026-11645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...
Adobe InDesign < 20.5.4 / 21.0 < 21.4.0 Multiple Vulnerabilities (APSB26-58)
The version of Adobe InDesign installed on the remote Windows host is prior to 20.5.4, 21.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-58 advisory. - InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-41841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC and WebFlux applications are vulnerable to Information Disclosure attacks when resolving static resources. Affected versions: Spring Framework 7.0.0...
Linux Distros Unpatched Vulnerability : CVE-2026-41843
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through...
Fedora 43 : mingw-objfw (2026-de23fedf3e)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-de23fedf3e advisory. Update to 1.5.5, containing many bug fixes, some also security related. Tenable has extracted the preceding description block directly from the Fedora securi...
EulerOS 2.0 SP11 : python-virtualenv (EulerOS-SA-2026-2227)
According to the versions of the python-virtualenv packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use...
Linux Distros Unpatched Vulnerability : CVE-2026-11668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video...
Linux Distros Unpatched Vulnerability : CVE-2026-11675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data...
Linux Distros Unpatched Vulnerability : CVE-2026-11642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Web Apps in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-11698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-11623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free...
Linux Distros Unpatched Vulnerability : CVE-2026-11682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to...
Linux Distros Unpatched Vulnerability : CVE-2026-11673
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTM...
Linux Distros Unpatched Vulnerability : CVE-2026-11632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute...
Linux Distros Unpatched Vulnerability : CVE-2026-41855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and...
EulerOS 2.0 SP11 : binutils (EulerOS-SA-2026-2198)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header...
EulerOS 2.0 SP11 : binutils (EulerOS-SA-2026-2236)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header...
Linux Distros Unpatched Vulnerability : CVE-2026-11629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...