Lucene search
K
NessusRecent

338597 matches found

Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 9 : firefox (ELSA-2026-19370)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19370 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.6CVSS7.4AI score0.00375EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded 0 for PFs and pcislotnamepdev-slot...

5.8AI score0.00158EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which...

7.1CVSS5.8AI score0.00159EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-13595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-12340

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 7 : libsoup (ELSA-2026-24722)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-24722 advisory. - Backport fix for CVE-2026-5119 Orabug: 39527088 - Fixes CVE-2026-0719 CVE-2026-1761 Orabug: 38958074 - Fix CVE-2025-14523 Orabug: 38873507 - Backport patch f...

9CVSS7.2AI score0.00947EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Fedora 43 : perl-Socket (2026-7df6c5acad)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7df6c5acad advisory. 2.041- BUGFIXES - Fix reuse of STRLEN len variable in packipmreqsource Tenable has extracted the preceding description block directly from the Fedora securit...

9.1CVSS5.8AI score0.00389EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded...

5.8AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-57966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on th...

4.4CVSS5.9AI score0.00137EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-11999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.509 trust-chain bypass path-depth exhaustion in the OpenSSL compatibility certificate verifier wolfSSLX509verifycert. This affects only builds with...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Command Injection due to lack of sanitization in...

9.8CVSS5.8AI score0.01113EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-10098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be...

6.3CVSS5.8AI score0.00121EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled v...

8.8CVSS5.8AI score0.00174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-56788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attacker...

7.1CVSS5.8AI score0.00119EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver...

5.8AI score0.00145EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats...

5.8AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Partial-chain certificate verification may accept chains that terminate at a peer-supplied, untrusted intermediate certificate rather than a trusted anchor. An...

6.5CVSS5.8AI score0.00121EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-46607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, glances/outdated.py uses pickle.load to read a version-check cache file stored ...

7.8CVSS6.5AI score0.00303EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 9 : firefox (ELSA-2026-21378)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21378 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-39938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graphtheme and rrdtool IPC...

9.8CVSS5.8AI score0.00436EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-10512

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The X25519 x8664 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-56786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RTKLIB through 2.4.3 contains an out-of-bounds write vulnerability in decodetype1033 function that fails to clamp length counters to destination buffer size,...

9.8CVSS6.4AI score0.00422EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-0685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server side template inject SSTI in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code...

9.8CVSS6.8AI score0.00726EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Apache Tomcat 11.0.0.M1 < 11.0.5

The version of Tomcat installed on the remote host is prior to 11.0.5. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat11.0.5security-11 advisory. - Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to...

7.3CVSS5.8AI score0.00213EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 9 : firefox (ELSA-2026-20574)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20574 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

9.8CVSS7.2AI score0.00446EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-55967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wra...

7.5CVSS5.8AI score0.00114EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: enetc: fix NTMP DMA use-after-free issue The AI-generated review reported a potential DMA use-after- free issue 1. If netcxmitntmpcmd times out and returns...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-39893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variable was concatenated into a RLIKE SQL...

9.8CVSS5.9AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix AMDGPUINFOREADMMRREG There were multiple issues in that code. First of all the order between the reset semaphore and the mmlock was wrong e.g...

5.8AI score0.00168EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-55961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSLPKCS7verify returning success for a degenerate certs-only PKCS7 object that contains no signer. Such an object has empty signerInfos, so the underlying...

8.2CVSS5.8AI score0.00095EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - reset: amlogic: t7: Fix null reset ops Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet. CVE-2026-53301...

5.8AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-6291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bleichenbacher padding oracle in PKCS7 KTRI decryption. When decrypting PKCS7 EnvelopedData using RSA PKCS1 v1.5 key transport, wolfSSL returned distinguishable...

6.5CVSS5.8AI score0.00152EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-11703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session...

7.5CVSS5.8AI score0.0021EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-53925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the securepopen function in glances/secure.py interprets file...

7.8CVSS6AI score0.00184EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2026-129 (ALASECS-2026-129)

The version of ecs-init installed on the remote host is prior to 1.103.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2026-129 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2518)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly...

8.8CVSS6.9AI score0.93235EPSS
Exploits31References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Amazon Linux 2023 : ecs-init (ALAS2023-2026-1906)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1906 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 10 : thunderbird (RHSA-2026:30846)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:30846 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape in the DOM: Workers...

9.6CVSS5.9AI score0.00476EPSS
Exploits0References60
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 10 : git-lfs (RHSA-2026:30855)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30855 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 8 : git-lfs (ELSA-2026-30853)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30853 advisory. - Backport CVE-2026-39821 fix vendored golang.org/x/net IDNA Tenable has extracted the preceding description block directly from the Oracle Linux security...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-54369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions aclgetfile, aclsetfile, aclextendedfile, and...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 9 : kpatch-patch-5_14_0-570_116_1, kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 (RHSA-2026:33223)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33223 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

7.8CVSS7.1AI score0.00353EPSS
Exploits13References6
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-13593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-55960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Un-negotiated Raw Public Key RFC 7250 accepted in place of an X.509 certificate, bypassing chain validation. A raw public key has no chain, so ParseCertRelative...

8.2CVSS5.8AI score0.00145EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-8720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When...

7.5CVSS5.8AI score0.00111EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-6678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in wcPKCS7DecryptOri when handling crafted Other Recipient Info, leading to incorrect length handling during decryption. CVE-2026-6678 Note th...

5.3CVSS5.8AI score0.00161EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 8 : kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 (RHSA-2026:33220)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33220 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

7.8CVSS7.1AI score0.00353EPSS
Exploits13References6
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-13523

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/baseencoding.c of the component ISOBMFF Parser. Executi...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References3
Total number of security vulnerabilities338597