337866 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-28947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5,...
Linux Distros Unpatched Vulnerability : CVE-2026-28958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app ma...
Linux Distros Unpatched Vulnerability : CVE-2026-43658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5,...
Linux Distros Unpatched Vulnerability : CVE-2026-28942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5,...
Linux Distros Unpatched Vulnerability : CVE-2026-28955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-28902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5,...
Linux Distros Unpatched Vulnerability : CVE-2026-28946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web...
Linux Distros Unpatched Vulnerability : CVE-2026-28901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5,...
Linux Distros Unpatched Vulnerability : CVE-2026-28907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-28953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-28847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-28903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-46217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous...
Linux Distros Unpatched Vulnerability : CVE-2026-28904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...
Linux Distros Unpatched Vulnerability : CVE-2026-45109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing...
Linux Distros Unpatched Vulnerability : CVE-2026-46237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous...
Linux Distros Unpatched Vulnerability : CVE-2026-44575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware...
Linux Distros Unpatched Vulnerability : CVE-2026-44577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default imag...
Linux Distros Unpatched Vulnerability : CVE-2026-28905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5...
Linux Distros Unpatched Vulnerability : CVE-2026-46188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NUL...
Linux Distros Unpatched Vulnerability : CVE-2026-46145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to tra...
RockyLinux 10 : postgresql16 (RLSA-2026:19010)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19010 advisory. postgresql: PostgreSQL oidvector discloses a few bytes of memory CVE-2026-2003 postgresql: PostgreSQL missing validation of multibyte character length...
RockyLinux 10 : postgresql18 (RLSA-2026:19009)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19009 advisory. postgresql: PostgreSQL pgtrgm heap buffer overflow writes pattern onto server memory CVE-2026-2007 postgresql: PostgreSQL oidvector discloses a few byt...
Linux Distros Unpatched Vulnerability : CVE-2026-45931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm...
Linux Distros Unpatched Vulnerability : CVE-2026-42507
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading...
Linux Distros Unpatched Vulnerability : CVE-2026-46055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer...
TencentOS Server 3: httpd:2.4 (TSSA-2026:0425)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0425 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2202-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2202-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: -...
AlmaLinux 10 : vim (ALSA-2026:22711)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22711 advisory. vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Tenable has extracted the preceding description block directl...
Linux Distros Unpatched Vulnerability : CVE-2026-46447
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo. CVE-2026-46447 Note...
Linux Distros Unpatched Vulnerability : CVE-2026-46042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/mempolicy: fix memory leaks in weightedinterleaveautostore weightedinterleaveautostore fetches oldwistate inside the if !input block only. This causes two...
Linux Distros Unpatched Vulnerability : CVE-2026-46166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211dfscaccancel can cause the iterated chanctx to be freed and removed from the...
Linux Distros Unpatched Vulnerability : CVE-2026-46192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself...
Linux Distros Unpatched Vulnerability : CVE-2026-47333
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory...
Linux Distros Unpatched Vulnerability : CVE-2026-46202
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness -...
Linux Distros Unpatched Vulnerability : CVE-2026-26280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - systeminformation is a System and OS information library for node.js. In versions prior to 5.30.8, a command injection vulnerability in the wifiNetworks functio...
RockyLinux 9 : gnutls (RLSA-2026:20612)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20612 advisory. gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram CVE-2026-33845 gnutls: Fix...
Linux Distros Unpatched Vulnerability : CVE-2026-46215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Set old handle to NULL before prime swap in changehandle There was a potential race condition in changehandle. The ioctl briefly had a single object with t...
Linux Distros Unpatched Vulnerability : CVE-2026-47265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the cookies parameter on requests are...
RockyLinux 10 : unbound (RLSA-2026:18556)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18556 advisory. unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 Tenable has extracted the...
AlmaLinux 10 : openssl (ALSA-2026:22314)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22314 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding descriptio...
Linux Distros Unpatched Vulnerability : CVE-2026-24712
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection. CVE-2026-24712 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2026-46029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slab: return NULL early from kmallocnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is...
RockyLinux 9 : postgresql-jdbc (RLSA-2026:22304)
The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2026:22304 advisory. jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication CVE-2026-42198 Tenable has extracted the preceding...
Linux Distros Unpatched Vulnerability : CVE-2026-46256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ,...
Linux Distros Unpatched Vulnerability : CVE-2026-46013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt...
Linux Distros Unpatched Vulnerability : CVE-2026-46254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and a...
AlmaLinux 9 : openssl (ALSA-2026:22312)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22312 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding description...
Linux Distros Unpatched Vulnerability : CVE-2026-49943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The...
AIX : Multiple Vulnerabilities (IJ58124)
The version of AIX installed on the remote host is prior to APAR IJ58124. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58124 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...