CVE-2025-13952 GPU DDK - libusc UAF via WebGPU shaders at MergeConsecutiveBarriersBP

A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the...

PT-2026-4563

Name of the Vulnerable Software and Affected Versions GPU shader compiler library affected versions not specified Description Loading a web page with unusual GPU shader code into the GPU compiler process can cause a write use-after-free crash within the GPU shader compiler library. This occurs...

MiracleLinux 7 : gcc-4.8.5-28.el7 (AXSA:2018-2900:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2900:03 advisory. gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics CVE-2017-11671 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : firefox-115.3.1-1.el9.ML.1 (AXSA:2023-6493:37)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6493:37 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

MiracleLinux 8 : java-11-openjdk-11.0.8.10-0.el8 (AXSA:2020-547:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-547:07 advisory. OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access Libraries, 8238920 CVE-2020-14583 OpenJDK: Incomplete bounds checks in Affine...

MiracleLinux 8 : java-17-openjdk-17.0.11.0.9-2.el8 (AXSA:2024-7705:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7705:07 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

MiracleLinux 9 : java-21-openjdk-21.0.3.0.9-1.el9.ML.1 (AXSA:2024-7714:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7714:08 advisory. OpenJDK: long Exception message leading to crash 8319851 CVE-2024-21011 OpenJDK: integer overflow in C1 compiler address generation 8322122...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000747)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000747 advisory. The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorre...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001384 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004089 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004106 advisory. In memzeroexplicit of compiler-clang.h, there is a possible bypass of defense in depth due to uninitialized data. This could lead to local information disclosure wit...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001831)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001831 advisory. The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating ...

RHSA-2026:0341 Red Hat Security Advisory: gcc-toolset-14-binutils security update

Bulletin has no description...

MiracleLinux 3 : gcc-4.1.2-50.0.1 (AXSA:2011-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-05:01 advisory. The gcc package contains the GNU Compiler Collection version 4.1. You will need this package in order to compile C code. Security issues fixed with th...

CVE-2026-22610

A flaw was found in Angular. An attacker could exploit a cross-site scripting XSS vulnerability in the Angular Template Compiler due to improper sanitization of href and xlink:href attributes within SVG Mitigation This issue can be mitigating by avoiding the usage of dynamic bindings, this can be...

Astra Linux - уязвимость в botan

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

MiracleLinux 9 : gcc-toolset-13-gcc-13.3.1-2.2.el9_5.ML.1 (AXSA:2025-9667:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9667:01 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 Tenable has extracted the preceding description block...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.452.b09-2.el8 (AXSA:2025-9868:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9868:07 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...

Cross-site Scripting (XSS)

Angular is vulnerable to cross-site scripting XSS. The vulnerability is due to Angular Template Compiler’s internal sanitization schema failing to recognize the href and xlink:href attributes of SVG...

Linux Distros Unpatched Vulnerability : CVE-2026-22610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18,...