23 matches found
Wazuh 4.14.2 Code Execution / Insecure Deserialization
A critical vulnerability in Wazuh cluster mode allows an attacker with access to a worker node to send malicious serialized payloads that are processed by the master node, resulting in remote code execution with root privileges. Versions 4.0.0 through 4.14.2 are affected...
CVE-2026-25769
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data. All Wazuh deployments using cluster mode (master/worker architecture) and any...
CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...
CVE-2026-25771
Wazuh vulnerability CVE-2026-25771 affects versions from 4.3.0 up to, but not including, 4.14.3. The DoS arises in the API authentication middleware: the async Starlette/Asyncio loop calls a synchronous generate_keypair function that performs blocking disk I/O on every request with a Bearer token, allowing an ...
CVE-2026-25769 Wazuh Cluster vulnerable to Remote Code Execution via Insecure Deserialization
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data. All Wazuh deployments using cluster mode (master/worker architecture) and any...
CVE-2026-25769
CVE-2026-25769 affects Wazuh versions 4.0.0–4.14.2 and is exploitable via Remote Code Execution due to Deserialization of Untrusted Data. In deployments using cluster mode (master/worker), a compromised worker node can achieve full RCE on the master with root privileges. The issue is fixed in ver...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003324)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003324 advisory. The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests. Tenable has...
CVE-2025-54065
GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted...
GZDoom Security Vulnerability
GZDoom is a feature-centered port of the ZDoom open source for all Doom engine games based on ZDoom. A security vulnerability exists in GZDoom 4.14.2 and earlier versions, which stems from improper handling of the ZScript actor state and could lead to the execution of arbitrary code...
CVE-2025-3944
Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows File Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before...
CVE-2021-35939 affecting package rpm 4.14.2-15
CVE-2021-35939 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...
CVE-2021-35937 affecting package rpm 4.14.2-15
CVE-2021-35937 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...
CVE-2021-35938 affecting package rpm 4.14.2-15
CVE-2021-35938 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...
RHSA-2023:6840 Red Hat Security Advisory: OpenShift Container Platform 4.14.2 packages and security update
Bulletin has no description...
CVE-2021-20271 affecting package rpm 4.14.2-11
CVE-2021-20271 affecting package rpm 4.14.2-11. A patched version of the package is available...
Fedora 29 : rpm (2018-89a3999673)
An unfortunate regression in rpm 4.14.2 causes --setperms to behave incorrectly on symbolic links: file and directory permissions become world-writable and executable on symlink targets. A similar flaw exists in --setugids, but it is less exploitable. If you have used --setperms or --setugids, or...
Fedora 27 : rpm (2018-2c9120d494)
An unfortunate regression in rpm 4.14.2 causes --setperms to behave incorrectly on symbolic links: file and directory permissions become world-writable and executable on symlink targets. A similar flaw exists in --setugids, but it is less exploitable. If you have used --setperms or --setugids, or...
Debian DSA-3697-1 : kdepimlibs - security update
Roland Tapken discovered that insufficient input sanitising in KMail's plain text viewer allowed the injection of HTML code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3697. The text...
Debian Security Advisory DSA 3697-1 (kdepimlibs - security update)
Roland Tapken discovered that insufficient input sanitising in KMail OpenVAS Vulnerability Test $Id: deb3697.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3697-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright (c) 2016 Greenbone...
DSA-3697-1 kdepimlibs - security update
Bulletin has no description...