337960 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-11196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a...
Linux Distros Unpatched Vulnerability : CVE-2026-11297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to bypass navigation...
Linux Distros Unpatched Vulnerability : CVE-2026-11105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process t...
Linux Distros Unpatched Vulnerability : CVE-2026-11073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebGL in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a...
Linux Distros Unpatched Vulnerability : CVE-2026-11090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium securit...
JetBrains YouTrack < 2026.1.13162 Multiple Vulnerabilities
The version of JetBrains YouTrack installed on the remote host is prior to 2026.1.13162. It is, therefore, affected by multiple vulnerabilities as referenced in the advisory. - In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests. CVE-2026-49370 - In...
Linux Distros Unpatched Vulnerability : CVE-2026-11189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious...
Linux Distros Unpatched Vulnerability : CVE-2026-11153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-10918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo...
Linux Distros Unpatched Vulnerability : CVE-2026-11111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-11023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to...
RockyLinux 9 : libexif (RLSA-2026:22553)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22553 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...
Linux Distros Unpatched Vulnerability : CVE-2026-10902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security...
Node.js Module axios < 0.32.0 / 1.x < 1.16.0 NO_PROXY Bypass (SSRF)
The version of the axios Node.js module installed on the remote host is prior to 0.32.0 or 1.x prior to 1.16.0. It is, therefore, affected by the following vulnerability: - shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY...
Linux Distros Unpatched Vulnerability : CVE-2026-11087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data...
Linux Distros Unpatched Vulnerability : CVE-2026-11146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...
Linux Distros Unpatched Vulnerability : CVE-2026-10954
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-10938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site...
Linux Distros Unpatched Vulnerability : CVE-2026-11248
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2026-11052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perfo...
Linux Distros Unpatched Vulnerability : CVE-2026-11213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...
Linux Distros Unpatched Vulnerability : CVE-2026-11172
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-50260
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can...
Linux Distros Unpatched Vulnerability : CVE-2026-10961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentiall...
Linux Distros Unpatched Vulnerability : CVE-2026-50258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel XkbNumKbdGroups...
Linux Distros Unpatched Vulnerability : CVE-2026-11211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Ubuntu 24.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8393-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8393-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...
Node.js Module node-tar < 7.5.10 Arbitrary File Overwrite
The version of node-tar installed on the remote host is prior to 7.5.10. It is, therefore, affected by a vulnerability: - node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can be tricked into creating a hardlink that points outside the extraction directory by using a...
Linux Distros Unpatched Vulnerability : CVE-2026-11034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2026-11123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-8389-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8389-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...
Linux Distros Unpatched Vulnerability : CVE-2026-10925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...
Linux Distros Unpatched Vulnerability : CVE-2026-11203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in GPU in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-11231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious...
Linux Distros Unpatched Vulnerability : CVE-2026-11074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-10927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-10940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Photon OS 4.0: Linux PHSA-2026-4.0-1028
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1028. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Linux Distros Unpatched Vulnerability : CVE-2026-11069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-50292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code...
Linux Distros Unpatched Vulnerability : CVE-2026-10984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-11095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process ...
Linux Distros Unpatched Vulnerability : CVE-2026-50256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name...
7-Zip >= 9.11 < 26.01 UDF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.11 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's UDF field handling, which can lead to a crash when processing a crafted UDF image. CVE-2026-48102 - A path...
Linux Distros Unpatched Vulnerability : CVE-2026-11076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Debian dla-4617 : dovecot-auth-lua - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4617 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4617-1 [email protected]...
Atlassian Jira Service Management Data Center and Server 5.15.2 < 10.3.20 / 10.4.x < 11.3.5 (JSDSERVER-16574)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16574 advisory. - The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior...
Linux Distros Unpatched Vulnerability : CVE-2026-11059
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-11013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process...
Linux Distros Unpatched Vulnerability : CVE-2026-11217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Fenced Frames in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypa...