MiracleLinux 8 : jbig2dec-0.14-4.el8 (AXSA:2020-327:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-327:01 advisory. jbig2dec: heap-based buffer overflow in jbig2imagecompose in jbig2image.c CVE-2020-12268 Tenable has extracted the preceding description block directly from t...

MiracleLinux 9 : java-17-openjdk-17.0.4.0.8-2.el9 (AXSA:2022-4018:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4018:08 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 8 : java-17-openjdk-17.0.2.0.8-4.el8 (AXSA:2022-2986:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2986:01 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Incorrect reading of TIFF...

SUSE-SU-2026:20096-1 Security update for cargo-c

This update for cargo-c fixes the following issues: - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249012 - CVE-2024-12224: idna: Fixed improper validation of Punycode labels...

MetaCPAN HarfBuzz::Shaper security vulnerability

MetaCPAN HarfBuzz::Shaper is an interface extension module of the MetaCPAN Foundation. Versions of MetaCPAN HarfBuzz::Shaper prior to 0.032 contained a security vulnerability. This vulnerability stemmed from null pointer dereferencing in the bundled libraries, which could lead to null pointer...

MiracleLinux 3 : kdelibs-3.5.5-11.26.AXS3 (AXSA:2011-354:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-354:01 advisory. KDE Libraries include: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, kio Input/Output, networking, kspell spelling...

MiracleLinux 3 : ruby-1.8.5-5.1 (AXSA:2007-63:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2007-63:01 advisory. Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system...

[SECURITY] Fedora 42 Update: python3.12-3.12.12-2.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

CVE-2026-23529 Arbitrary File Read in Google BigQuery Sink connector

Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery. Prior to 2.11.0, there is an arbitrary file read in Google BigQuery Sink connector. Aiven's Google BigQuery Kafka Connect Sink connector requires Google Cloud credential configurations...

Malicious code in @riag-libs/pattern-library-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...

MiracleLinux 7 : nspr-4.21.0-1.el7, nss-util-3.44.0-3.el7, nss-softokn-3.44.0-5.el7, nss-3.44.0-4.el7 (AXSA:2019-4268:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4268:01 advisory. ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-0495 nss: Cache side-channel variant of the Bleichenbacher attack...

MiracleLinux 4 : X11 client libraries (AXSA:2014-613:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-613:01 advisory. Description: The X11 Xorg libraries provide library routines that are used within all X Window applications. Security issues fixed with this release:...

MiracleLinux 4 : glibc-2.12-1.209.AXS4 (AXSA:2017-1373:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1373:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as ...

MiracleLinux 7 : X.org X11 libraries security, bug fix and enhancement update (AXSA:2017-2024:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2024:01 advisory. An integer overflow flaw leading to a heap-based buffer overflow was found in libXpm. An attacker could use this flaw to crash an application using...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.111-2.6.7.2.0.1.el7.AXS7 (AXSA:2016-584:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-584:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.41-1.13.13.1.AXS4 (AXSA:2017-1237:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1237:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-5542 Unspecified vulnerability in Oracle Java SE 6u121, 7u111,...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.211-2.6.17.1.0.1.el7.AXS7 (AXSA:2019-3841:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3841:02 advisory. Security Fix - Oracle Java SE Libraries Java SE CVE-2019-2422 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : kdelibs-4.14.8-6.el7 (AXSA:2017-1655:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1655:01 advisory. Libraries for KDE 4. Security issues fixed with this release: CVE-2017-8422 KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root...

CVE-2025-68704

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, Jervis uses java.util.Random which is not cryptographically secure for timing attack mitigation. This vulnerability is fixed in 2.2...

CVE-2025-68925

Jervis is a library for Job DSL plugin scripts and shared Jenkins pipeline libraries. Prior to 2.2, the code doesn't validate that the JWT header specifies "alg":"RS256". This vulnerability is fixed in 2.2...