354 matches found
CVE-2026-32997
A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server...
[SECURITY] Fedora 44 Update: cockpit-362-1.fc44
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
Linux Distros Unpatched Vulnerability : CVE-2026-40701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to on or optional, and the sslocs...
SUSE SLES15 Security Update : buildah (SUSE-SU-2026:1480-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1480-1 advisory. This update for buildah rebuilds it against the current go 1.25 security release. Tenable has extracted the preceding description block...
CVE-2026-5329
CVE-2026-5329 affects Rapid7 Velociraptor versions prior to 0.76.2. The vulnerability resides in the client monitoring message handler on the Velociraptor server (primarily Linux) and is caused by improper input validation of the queue name provided by the client. This can enable an authenticated...
SUSE: Security Advisory (SUSE-SU-2026:0872-1)
The remote host is missing an update for the...
PT-2026-22731
Name of the Vulnerable Software and Affected Versions: Canonical LXD version 6.6. Description: An authorization issue exists in the API endpoint GET /1.0/certificates. An authenticated user with restricted privileges can list all certificate fingerprints trusted by the LXD server. Recommendations...
CVE-2026-2750
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux Centreon Open Tickets modules. This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10; 24.04...
SUSE SLES15 / openSUSE 15 Security Update : apptainer (SUSE-SU-2026:0580-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0580-1 advisory. - CVE-2025-58190: Fixed an HTML parser misimplementation of a part of the HTML specification for table related tags (bsc#1258048). -...
Exploit for CVE-1999-0368
🛡️ Advanced Penetration Testing & System Forensic Audit Mid...
VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks
Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth...
SUSE SLES12 Security Update : curl (SUSE-SU-2026:0119-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0119-1 advisory. - CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105). Tenable has extracted the preceding description block directly from the SUSE...
SUSE: Security Advisory (SUSE-SU-2026:20016-1)
The remote host is missing an update for the...
CVE-2023-49328
On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module...
CVE-2024-34352
1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol...
CVE-2025-14728
Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed to write in the datastore directory. The issue occurs due to...
CVE-2025-14728
CVE-2025-14728 affects Rapid7 Velociraptor prior to 0.75.6. A directory traversal vulnerability arises on Linux where a rogue client can upload a file written outside the datastore directory due to insufficient sanitization of directory names that end with a dot, encoded as %2E. Although files ma...
CVE-2025-66508
1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.14 and below use Gin's default configuration which trusts all IP addresses as proxies (TrustedProxies = 0.0.0.0/0), allowing any client to spoof the X-Forwarded-For header. Since all IP-based access controls...
EUVD-2004-2586
Malware in sbrugna...