OSEC-2026-09 Albatross-console memory exhaustion

Albatross-console doesn't properly terminate when looping over the ringbuffer. This leads to denial of service and memory exhaustion. Scenario A user that has access to albatross-console either via the unix domain socket requires root:albatross by default or via albatross-tls-endpoint requires a...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 has an improper restriction on write operations within the bounds of a memory buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013368)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013368 advisory. In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading tracepipe Soft lockup occurs when reading file...

SUSE-SU-2026:20892-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in cryptmessag...

SUSE-SU-2026:0953-1 Security update for the Linux Kernel (Live Patch 65 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.247 fixes various security issues The following security issues were fixed: - CVE-2022-50423: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage bsc1250785. - CVE-2022-50697: mrp: introduce active flags to prevent UAF when...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7 RT) (SUSE-SU-2026:0940-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0940-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: -...

CVE-2026-32953

Tillitis TKey Client (Go module tkeyclient) versions

Linux Distros Unpatched Vulnerability : CVE-2026-23277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave device...

RockyLinux 9 : kernel (RLSA-2026:3488)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3488 advisory. kernel: smc: Use skdstget and dstdevrcu in smcclcprfxmatch CVE-2025-40168 kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr...

RLSA-2026:2282 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38415 kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it...

CVE-2026-20026 Multiple Cisco Products Snort 3 DCERPC Vulnerabilities

Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerabili...

EulerOS Virtualization 2.13.1 : curl (EulerOS-SA-2025-2621)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992992 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to...

Alibaba Cloud Linux 3 : 0199: curl (ALINUX3-SA-2025:0199)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0199 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9086: 1. A cookie is set using the secure...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2025-2459)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname,...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-2320)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname,...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-2351)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname,...

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-2382)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same hostname,...

CVE-2022-20583

In ppmpunprotectmfcfwbuf of drmfw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...