12943 matches found
Ubuntu: Security Advisory (USN-5376-6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update 5.1.2 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Backported security patches for Salt vendored tornado: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header paramete...
CVE-2026-23521
Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device uniqueId to an absolute path. When uploading a device image, Traccar uses that uniqueId to build the filesystem path...
AZL-78120 CVE-2026-27171 affecting package kata-containers 3.19.1.kata2-6
zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...
[SECURITY] Fedora 42 Update: nginx-mod-brotli-1.0.0~rc-6.fc42
NGINX module for Brotli compression...
CVE-2026-0994 affecting package protobuf for versions less than 25.3-6
CVE-2026-0994 affecting package protobuf for versions less than 25.3-6. A patched version of the package is available...
Mersenne Research Prime95 安全漏洞
Mersenne Research Prime95 is an open-source software developed by Mersenne Research, running on Windows operating systems. Version 29.8 build 6 of Mersenne Research Prime95 contains a security vulnerability. This vulnerability stems from a buffer overflow in the user ID input field, which could...
Ubuntu: Security Advisory (USN-7954-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GitLab 15.6 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12734)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certai...
[SECURITY] Fedora 42 Update: rust-ybaas-0.0.19-6.fc42
Don't you love when you accidentally tap your Yubikey when you have your IRC client in focus and you send 987947 into Libera? Want to be able to have that experience without having to reach all the way over to your laptop's USB port? Don't want the complexity of installing and using the yubibomb...
[SECURITY] Fedora 43 Update: greetd-0.10.3-6.fc43
greetd is a minimal and flexible login manager daemon that makes no assumptions about what you want to launch...
CVE-2025-68276 affecting package avahi for versions less than 0.8-6
CVE-2025-68276 affecting package avahi for versions less than 0.8-6. A patched version of the package is available...
CVE-2025-68471 affecting package avahi for versions less than 0.8-6
CVE-2025-68471 affecting package avahi for versions less than 0.8-6. A patched version of the package is available...
CVE-2025-68468 affecting package avahi for versions less than 0.8-6
CVE-2025-68468 affecting package avahi for versions less than 0.8-6. A patched version of the package is available...
AZL-77040 CVE-2025-58190 affecting package multus 4.0.2-6
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76389 CVE-2025-63656 affecting package fluent-bit 3.0.6-6
An out-of-bounds read in the headercmp function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76380 CVE-2025-63655 affecting package fluent-bit 3.0.6-6
A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2026-24812
Vulnerability in root-project root builtins/zlib modules. This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1...
AZL-75545 CVE-2025-11065 affecting package opa for versions less than 0.63.0-6
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
Apple Security Update: watchOS 26.2.1
Apple recommends to install security update watchOS 26.2.1 on devices Apple Watch Series 6 and later...