Lucene search
K
NessusRecent

338622 matches found

Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

NewStart CGSL MAIN 6.06 : gstreamer1-plugins-base Vulnerability (NS-SA-2026-0056)

The remote NewStart CGSL host, running version MAIN 6.06, has gstreamer1-plugins-base packages installed that are affected by a vulnerability: - GStreamer is a library for constructing graphs of media-handling components. An OOB-Write has been detected in the function gstparsevorbissetuppacket...

9.8CVSS7.2AI score0.01101EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added 13 hours ago•3 views

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.8 (7278580)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7278580 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the...

8.5CVSS5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 45 : ipp-usb (2026-7eaf5e3510)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7eaf5e3510 advisory. Automatic update for ipp-usb-0.9.34-2.fc45. Changelog Tue Jun 30 2026 Zdenek Dohnal - 0.9.34-2 - ipp-usb-0.9.34 is available fedora2463247,...

7.5CVSS5.9AI score0.0065EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.8 (7278572)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7278572 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery vulnerability with the...

7.1CVSS5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 43 : collectd / varnish / varnish-modules / vmod-querystring (2026-7f36ec4c65)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f36ec4c65 advisory. Update to latest 7.7.x release available, a security release. Includes fixes for VSV00017 aka CVE-2025-8671, aAdded patches for for VSV00018 aka...

9.8CVSS7.5AI score0.04604EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 45 : jq (2026-b43264dedb)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b43264dedb advisory. Automatic update for jq-1.8.2-4.fc45. Changelog Sat Jun 20 2026 Filipe Rosset - 1.8.2-4 - removed old upstreamed patches Sat Jun 20 2026 Filipe Ross...

7.3CVSS7.4AI score0.00256EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

CentOS 9 : kernel-5.14.0-719.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-719.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetach...

9.8CVSS6AI score0.00415EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 43 : chromium (2026-7f29bc3622)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-7f29bc3622 advisory. Update to 149.0.7827.200 CVE-2026-13281: Integer overflow in Mojo CVE-2026-13282: Use after free in Payments CVE-2026-13283: Use after free in...

8.3CVSS5.9AI score0.00229EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
•added 13 hours ago•3 views

CentOS 9 : libgcrypt-1.10.0-12.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libgcrypt-1.10.0-12.el9 build changelog. - Denial of Service and buffer overflow via crafted ECDH ciphertext CVE-2026-41989 Note that Nessus has not tested for this issue but has instea...

6.7CVSS7AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 43 : python-django-haystack (2026-1d2c7eaa2f)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1d2c7eaa2f advisory. Fixes GHSA-r3hx-x5rh-p9vv: via eval in Elasticsearch Result Deserialization...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 44 : transmission (2026-23d0f010f8)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-23d0f010f8 advisory. Fix qt icon Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 13 hours ago•3 views

Fedora 44 : python-django-haystack (2026-3e10194134)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3e10194134 advisory. Fixes GHSA-r3hx-x5rh-p9vv: via eval in Elasticsearch Result Deserialization...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 44 : maradns (2026-7726bdbcf1)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7726bdbcf1 advisory. Update to 3.5.0037, fixing DNS-over-TCP bug rhbz2488786 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 44 : python-jupytext (2026-db770b7d7a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-db770b7d7a advisory. See https://github.com/jupytext/jupytext/releases/tag/v1.19.4 for changes in version 1.19.4. Notable, this update fixes CVE-2026-45736 and...

7.5CVSS5.9AI score0.00725EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
•added 13 hours ago•3 views

NewStart CGSL MAIN 6.06 : ansible-core Multiple Vulnerabilities (NS-SA-2026-0056)

The remote NewStart CGSL host, running version MAIN 6.06, has ansible-core packages installed that are affected by multiple vulnerabilities: - A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any...

6.3CVSS6.4AI score0.00502EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
•added 13 hours ago•2 views

Fedora 43 : python-jupytext (2026-31e6b85f4e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-31e6b85f4e advisory. See https://github.com/jupytext/jupytext/releases/tag/v1.19.4 for changes in version 1.19.4. Notable, this update fixes CVE-2026-45736 and...

7.5CVSS5.9AI score0.00725EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
•added yesterday•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-6331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HMAC zero-length tag forgery in EVPDigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility...

7.5CVSS5.8AI score0.00147EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-12340

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-6509)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot. Please visit...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-57456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion runtime/autoload/python3complete.vim and the legacy...

8.4CVSS6AI score0.00144EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-13595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw...

6.8CVSS5.8AI score0.00131EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 10 : coreutils (RHSA-2026:33124)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:33124 advisory. The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils...

4.4CVSS5.9AI score0.00215EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47262)

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Axis has released patched AXIS OS versions for this flaw. Endpoints not...

5.3CVSS5.8AI score0.00334EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-53305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ps883x: Fix Oops at unbind When trying to unbind a device in order to bind to it vfio-platform as: echo bc0000.geniqup...

5.8AI score0.00166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-55955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Authentication vulnerability in Apache Tomcat allowed a replay attack against the EncryptionInterceptor in the cluster component. This issue affects...

6.5CVSS5.8AI score0.00141EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-40941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which...

7.1CVSS5.8AI score0.00159EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

FreeBSD : NSD -- vulnerabilities (bebbc065-73d2-11f1-910d-3c7c3fba4204)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bebbc065-73d2-11f1-910d-3c7c3fba4204 advisory. NLnet Labs reports: CVE-2026-12244: A specially crafted SVCB RR can cause a heap overflow of u...

8.8CVSS6AI score0.00303EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Axis Communications AXIS OS Cleartext Transmission of Sensitive Information (CVE-2024-0066)

A researcher in the AXIS OS Bug Bounty Program has found that a O3C feature may expose sensitive traffic between the client Axis device and O3C server. This issue does not apply if O3C is not used. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot...

5.3CVSS5.7AI score0.00205EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 8 : python3.12-urllib3 (ELSA-2026-32992)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-32992 advisory. 1.26.19-3 - Security fixes for CVE-2026-44431 and CVE-2026-44432 Resolves: RHEL-185125, RHEL-184900 Tenable has extracted the preceding description...

8.9CVSS5.9AI score0.0068EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-12912

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occu...

7.3CVSS6.6AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50351)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50351 advisory. 6.12.0-203.76.7.6 - net: skbuff: fix missing zerocopy reference in pskbcarve helpers Minh Nguyen Orabug: 39639984 CVE-2026-52943 Credit Statement: The...

7.8CVSS5.8AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-57966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on th...

4.4CVSS5.9AI score0.00137EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.18 (RHSA-2026:33371)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33371 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release ...

9.6CVSS7.1AI score0.0217EPSS
Exploits8References22
Tenable Nessus
Tenable Nessus
•added yesterday•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-0685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Server side template inject SSTI in the expression evaluation component in Genshi Template Engine version 0.7.9 allows a remote attacker to achieve remote code...

9.8CVSS6.8AI score0.00726EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-57453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.1.1784 until 9.2.0678, when the bundled zip plugin autoload/zip.vim falls back to PowerShell to browse,...

7.3CVSS6.1AI score0.00137EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Apache Tomcat 9.0.0.M1 < 9.0.102

The version of Tomcat installed on the remote host is prior to 9.0.102. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.102security-9 advisory. - Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to...

7.3CVSS5.8AI score0.00213EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-39897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnerability in the htmlauthfooter. This...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-39951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graphnameregexp ...

8.8CVSS5.9AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-53310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc/tegra: cbb: Fix cross-fabric target timeout lookup When a fabric receives an error interrupt, the error may have occurred on a different fabric. The target...

5.8AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13523

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/baseencoding.c of the component ISOBMFF Parser. Executi...

4.8CVSS5.3AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50352)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50352 advisory. 5.15.0-321.202.5.3 - net: skbuff: fix missing zerocopy reference in pskbcarve helpers Minh Nguyen Orabug: 39639981 CVE-2026-52943 Credit Statement: The...

7.8CVSS5.8AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-57454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-7531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a...

9.8CVSS5.8AI score0.00346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-40082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing sessionregenerateid after login, leading to Session...

5.4CVSS5.8AI score0.00183EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
•added yesterday•3 views

Apache Tomcat 10.1.0.M1 < 10.1.39

The version of Tomcat installed on the remote host is prior to 10.1.39. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat10.1.39security-10 advisory. - Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to...

7.3CVSS5.8AI score0.00213EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

IBM MQ 9.1 < 9.1.0.37 LTS / 9.2 < 9.2.0.43 LTS / 9.3 < 10.0.0.0 CD / 9.3 < 9.3.0.41 LTS / 9.4 < 9.4.0.25 LTS (7277718)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7277718 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions tha...

7.5CVSS7.3AI score0.00702EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

RHEL 9 : .NET 9.0 (RHSA-2026:28051)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28051 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.8AI score0.0243EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-55693

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0653, the treecountwords function in src/spellfile.c fills in the word-count fields of a spell-fil...

8.4CVSS5.8AI score0.00126EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
•added yesterday•2 views

SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2026:2673-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2673-1 advisory. Security issues: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation bsc1265591. ...

7.5CVSS6.8AI score0.0181EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
•added yesterday•4 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-113 (ALASNITRO-ENCLAVES-2026-113)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-113 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.4CVSS6.1AI score
Exploits0References12
Total number of security vulnerabilities338622