337960 matches found
RockyLinux 9 : vim (RLSA-2026:22717)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22717 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block directl...
Linux Distros Unpatched Vulnerability : CVE-2026-11181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML...
RockyLinux 9 : mod_http2 (RLSA-2026:22551)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22551 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 Tenable has extracted the preceding description block directly from the RockyLinux securi...
Linux Distros Unpatched Vulnerability : CVE-2026-11140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentiall...
Linux Distros Unpatched Vulnerability : CVE-2026-50257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a...
Linux Distros Unpatched Vulnerability : CVE-2026-10893
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2026-11268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-10931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-10920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...
Linux Distros Unpatched Vulnerability : CVE-2026-11136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-11256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-11154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb...
Linux Distros Unpatched Vulnerability : CVE-2026-11099
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
Linux Distros Unpatched Vulnerability : CVE-2026-11053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
Linux Distros Unpatched Vulnerability : CVE-2026-11086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute...
Linux Distros Unpatched Vulnerability : CVE-2026-11064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via ...
Linux Distros Unpatched Vulnerability : CVE-2026-11036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page...
Node.js Module node-tar < 7.5.11 Arbitrary File Overwrite
The version of node-tar installed on the remote host is prior to 7.5.11. It is, therefore, affected by a vulnerability: - node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar npm can be tricked into creating a symlink that points outside the extraction directory by using a...
Linux Distros Unpatched Vulnerability : CVE-2026-10892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2026-11039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross- origin data via a crafted HTML page. Chromium securit...
Suricata < 7.0.16 / 8.x < 8.0.5 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is prior to 7.0.16 or 8.x prior to 8.0.5. It is, therefore, affected by multiple vulnerabilities, including: - A protocol change while processing HTTP/2 traffic could lead to type confusion in Suricata. Crafted traffic may cause Suricata t...
Linux Distros Unpatched Vulnerability : CVE-2026-11075
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a...
Linux Distros Unpatched Vulnerability : CVE-2026-36499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of...
Linux Distros Unpatched Vulnerability : CVE-2026-10912
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...
Linux Distros Unpatched Vulnerability : CVE-2026-11158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox...
RockyLinux 10 : libexif (RLSA-2026:22529)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22529 advisory. libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding CVE-2026-40386 Tenable has extracted the preceding...
Linux Distros Unpatched Vulnerability : CVE-2026-11186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTM...
7-Zip >= 9.34 < 26.01 WIM / Ar SYMDEF OOB Read (GHSL-2026-115_GHSL-2026-122)
The version of 7-Zip installed on the remote Windows host is = 9.34 and prior to 26.01. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read exists in 7-Zip's WIM SecurityId handling, which can lead to a crash when processing a crafted WIM image. CVE-2026-48103 - An...
Linux Distros Unpatched Vulnerability : CVE-2026-10952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted...
RockyLinux 8 : compat-openssl10 (RLSA-2026:22315)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:22315 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
Linux Distros Unpatched Vulnerability : CVE-2026-11261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8388-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8388-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...
Linux Distros Unpatched Vulnerability : CVE-2026-11009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-11127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-11068
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebSockets in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pag...
AlmaLinux 8 : bind9.16 (ALSA-2026:23360)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:23360 advisory. bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation CVE-2026-3039 bind: BIND: Denial of Service via specially crafted DNS messages...
Linux Distros Unpatched Vulnerability : CVE-2026-50263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window...
Linux Distros Unpatched Vulnerability : CVE-2026-10960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Linux Distros Unpatched Vulnerability : CVE-2026-11296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perfo...
Linux Distros Unpatched Vulnerability : CVE-2026-10917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process t...
Linux Distros Unpatched Vulnerability : CVE-2026-11223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process...
Linux Distros Unpatched Vulnerability : CVE-2026-11040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel vulnerability (USN-8390-1)
The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8390-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Fra...
Linux Distros Unpatched Vulnerability : CVE-2026-11014
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension ...
MiracleLinux 8 : dotnet10.0-10.0.108-1.el8_10 (AXSA:2026-759:10)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-759:10 advisory. dotnet: .NET: infinite loop allows an attacker to cause a denial of service CVE-2026-42899 Tenable has extracted the preceding description block directly from...
Linux Distros Unpatched Vulnerability : CVE-2026-10958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures...
Linux Distros Unpatched Vulnerability : CVE-2026-11030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic...
Linux Distros Unpatched Vulnerability : CVE-2026-10994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via...
Linux Distros Unpatched Vulnerability : CVE-2026-11070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the...
Linux Distros Unpatched Vulnerability : CVE-2026-10992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from...