EulerOS Virtualization 2.13.0 : shim (EulerOS-SA-2026-2190)

According to the versions of the shim package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impac...

EulerOS Virtualization 2.12.1 : python-pip (EulerOS-SA-2026-2086)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in...

EulerOS Virtualization 2.13.0 : python-urllib3 (EulerOS-SA-2026-2186)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP...

FreeBSD : xorg-server -- Multiple vulnerabilities (592ced15-5e20-11f1-86a2-589cfc10a551)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 592ced15-5e20-11f1-86a2-589cfc10a551 advisory. X.Org project reports: Multiple issues have been found in the X server and Xwayland...

EulerOS Virtualization 2.10.0 : python-ply (EulerOS-SA-2026-2062)

According to the versions of the python-ply package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An undocumented and unsafe feature in the PLY Python Lex-Yacc library 3.11 allows Remote Code Execution RCE via the picklefile...

RHEL 10 : delve (RHSA-2026:23102)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:23102 advisory. Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go...

EulerOS Virtualization 2.12.1 : curl (EulerOS-SA-2026-2072)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request.libcur...

RHEL 9 : flatpak (RHSA-2026:23418)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23418 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

EulerOS Virtualization 2.13.0 : binutils (EulerOS-SA-2026-2160)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the...

EulerOS Virtualization 2.13.1 : autogen (EulerOS-SA-2026-2119)

According to the versions of the autogen package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The...

EulerOS Virtualization 2.13.1 : glib2 (EulerOS-SA-2026-2126)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory...

RHEL 10 : kernel (RHSA-2026:23329)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23329 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment...

EulerOS Virtualization 2.13.0 : glib2 (EulerOS-SA-2026-2165)

According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory...

EulerOS Virtualization 2.10.1 : libpcap (EulerOS-SA-2026-2024)

According to the versions of the libpcap package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string...

RHEL 10 : .NET 10.0 (RHSA-2026:22145)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22145 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

RHEL 8 : kernel-rt (RHSA-2026:23259)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23259 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements...

EulerOS Virtualization 2.10.1 : libpng (EulerOS-SA-2026-2025)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with...

RHEL 9 : compat-openssl11 (RHSA-2026:22313)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22313 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from th...

RHEL 9 : firefox (RHSA-2026:22410)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22410 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2026-2061)

According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in...

EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2026-2066)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag...

RHEL 7 : firefox (RHSA-2026:22708)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:22708 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

EulerOS Virtualization 2.10.1 : glibc (EulerOS-SA-2026-2020)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interfa...

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2026-2039)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag...

Fedora 44 : firefox (2026-d1aae27e8b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d1aae27e8b advisory. - New upstream release 151.0.3 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

EulerOS Virtualization 2.13.0 : python-pip (EulerOS-SA-2026-2183)

According to the versions of the python-pip package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with...

RHEL 9 : osbuild-composer (RHSA-2026:22733)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22733 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...

RHEL 9 : postgresql-jdbc (RHSA-2026:22304)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22304 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs...

RHEL 10 : libexif (RHSA-2026:22529)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22529 advisory. The libexif packages provide a library for extracting extra information from image files. Security Fixes: libexif: libexif: Denial of Service and...

EulerOS Virtualization 2.12.0 : libarchive (EulerOS-SA-2026-2103)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archivereaddata...

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-2049)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ACPI: CPPC: Avoid out of bounds access when parsing CPC dataCVE-2022-49145 scsi: libsas: Fix use-after-free bug in...

EulerOS Virtualization 2.13.1 : libsodium (EulerOS-SA-2026-2136)

According to the versions of the libsodium package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to...

EulerOS Virtualization 2.12.1 : shim (EulerOS-SA-2026-2089)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impa...

RHEL 10 : ovn25.03 (RHSA-2026:22110)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22110 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

EulerOS Virtualization 2.13.1 : dhcp (EulerOS-SA-2026-2123)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into...

RHEL 8 : kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 (RHSA-2026:23470)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23470 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

RHEL 7 : tigervnc (RHSA-2026:22456)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22456 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

RHEL 10 : thunderbird (RHSA-2026:22325)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:22325 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript...

EulerOS Virtualization 2.12.1 : util-linux (EulerOS-SA-2026-2090)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability exists in util-linux package that allows access control bypass due to improper hostname...

EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2026-2107)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2026-2176)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libssh: Denial of Service via improper configuration file handlingCVE-2026-0965 libssh: Improper sanitation of paths received from S...

RHEL 9 : libsndfile (RHSA-2026:23221)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23221 advisory. libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer...

EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2026-2082)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

EulerOS Virtualization 2.13.1 : protobuf (EulerOS-SA-2026-2143)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

EulerOS Virtualization 2.13.0 : autogen (EulerOS-SA-2026-2158)

According to the versions of the autogen package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The...

EulerOS Virtualization 2.10.1 : autogen (EulerOS-SA-2026-2014)

According to the versions of the autogen package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The...

Photon OS 5.0: Linux PHSA-2026-5.0-0862

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0862. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2132)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

EulerOS Virtualization 2.13.0 : gnupg2 (EulerOS-SA-2026-2167)

According to the versions of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an...