Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001916)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001916 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...

Linux Distros Unpatched Vulnerability : CVE-2014-8989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users t...

dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-12778 via aim (>=3.17.4 <=3.20.1)

aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-12778 Source advisory: OSV:GHSA-35P3-6J45-PRWM...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-12778 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-12778 Source advisory: SNYK:PYTHON-AIM-9511127...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-10110 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-10110 Source advisory: SNYK:PYTHON-AIM-9511139...

dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-10110 via aim (>=3.17.4 <=3.20.1)

aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-10110 Source advisory: OSV:GHSA-FX47-JPV9-7HXR...

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-7760 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-7760 Source advisory: SNYK:PYTHON-AIM-9637809...

dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-8863 via aim (>=3.17.4 <=3.20.1)

aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-8863 Source advisory: OSV:GHSA-PMHG-F7WC-C97M...

llm-toys (=0.1.1), tcbench (>=0.0.20 <=0.0.22) +1 more potentially affected by CVE-2024-6578 via aim (>=3.17.4 <=3.19.3)

aim PYPI version =3.17.4, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-6578 Source advisory: OSV:GHSA-P9F2-JG9W-CX69...

llm-toys (=0.1.1), tcbench (>=0.0.20 <=0.0.22) +1 more potentially affected by CVE-2024-6227 via aim (>=3.17.4 <=3.19.3)

aim PYPI version =3.17.4, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-6227 Source advisory: OSV:GHSA-36H2-G4C8-9XCM...

Solaris 10 (sparc) : 119213-32

NSSNSPRJSS 3.17.4: NSPR 4.10.7 / NSS 3.17.4 / JSS 4.3.2. Date this patch was last updated by Sun : Dec/24/15 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

F5 Networks BIG-IP : Linux kernel vulnerabilities (K62700573)

CVE-2010-5313 Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service L1 guest OS crash via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842. CVE-2014-7842 Race condition in...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2015-185)

MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed : - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections...

Security update for MozillaFirefox, mozilla-nss (important)

MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed: - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections ...

USN-2504-1: NSS update

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle...

FancyFon Software FAMOC SQL Injection Vulnerability

FancyFon Software FAMOC is a mobile device lifecycle management solution from FancyFon Software Ireland. The solution enables centralized remote management of smartphones using various operating systems over the Internet. A SQL injection vulnerability exists in FancyFon Software FAMOC versions...

[SYSS-2014-013] FancyFon FAMOC - Use of a One-Way Hash without a Salt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-013 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-759 Risk Level: Low Solution Status: Fixed Vendor Notification: 2014-12-19...

Fedora 21 : kernel-3.17.4-302.fc21 (2014-16448)

Small bugfix update. A few AArch64 fixes and a patch to quiet a common i915 warning. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

DEBIAN-CVE-2014-7843

The clearuser function in arch/arm64/lib/clearuser.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service system crash by reading one byte beyond a /dev/zero page boundary...

UBUNTU-CVE-2014-8989

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the group category that is more restrictive than the...