49922 matches found
PT-2026-53951
Name of the Vulnerable Software and Affected Versions IBM WebSphere Extreme Scale versions 8.6.1.0 through 8.6.1.6 Description Improper validation in the XDF decoder allows an adjacent attacker to cause a denial of service. The application processes deeply nested Protocol Buffers messages and...
RHEL 8 : ruby:3.3 (RHSA-2026:33515)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33515 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT8BITABGR output format and a specific stride value, leading to a heap-base...
CVE-2026-27145
A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...
OPENSUSE-SU-2026:21191-1 Security update for python-mistune
This update for python-mistune fixes the following issue - CVE-2026-49851: potential DoS via quadratic-time parsing in parselinktext bsc1269091...
Important: containerd
Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...
Important: containerd
Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...
RHEL 7 : ImageMagick (RHSA-2026:32961)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:32961 advisory. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fixe...
RLSA-2026:29703 Important: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
SUSE-SU-2026:22376-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260264. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allo...
SUSE-SU-2026:2639-1 Security update for containerd
This update for containerd fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260296. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
PT-2026-52976
Name of the Vulnerable Software and Affected Versions Bento4 versions prior to 1.8.9 Description A stack overflow occurs in the AP4 Array::EnsureCapacity component. This issue allows an attacker to trigger a Denial of Service DoS by providing a specially crafted MP4 file. Recommendations Update t...
CVE-2026-38639
CVE-2026-38639 affects relibc. The issue is in the parse_month function (path /time/strptime.rs) within commit ab6a2e and allows an attacker to trigger a Denial of Service by parsing a crafted input. The available sources confirm the vulnerability location and impact but do not provide exploitati...
SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2626-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2626-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...
SUSE SLES16 Security Update : python-PyJWT (SUSE-SU-2026:22170-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22170-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to...
AlmaLinux 10 : buildah (ALSA-2026:29195)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29195 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
RockyLinux 9 : containernetworking-plugins (RLSA-2026:29703)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29703 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
AlmaLinux 10 : skopeo (ALSA-2026:29035)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29035 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...
SUSE SLES16 Security Update : mcphost (SUSE-SU-2026:22193-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22193-1 advisory. This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506:...
CVE-2026-53005
A flaw was found in the Linux kernel's afunix component, specifically within its SOCKMAP feature. This vulnerability stems from the kernel's improper handling of Socket Control Message SCM attributes when data is passed to the SOCKMAP layer. This can lead to a use-after-free condition, which may...