Important: Red Hat Security Advisory: expat security update

An update for expat is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

ROOT-OS-DEBIAN-11-CVE-2024-46774 CVE-2024-46774 in rootio-linux - Patched by Root

Root has patched CVE-2024-46774 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-39752 CVE-2025-39752 in rootio-linux - Patched by Root

Root has patched CVE-2025-39752 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2023-52732 CVE-2023-52732 in rootio-linux - Patched by Root

Root has patched CVE-2023-52732 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

Low: python3.14-pip

Issue Overview: pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2026:2033-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2033-1 advisory. This update for docker rebuilds it against the current go security release. Tenable has extracted the preceding...

Photon OS 5.0: Linux PHSA-2026-5.0-0854

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0854. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016742 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016647 advisory. As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them...

Unity Linux 20.1070e Security Update: nodejs-hawk (UTSA-2026-016758)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016758 advisory. Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021641)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021641 advisory. In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm...

Important: Red Hat Security Advisory: postgresql16 security update

An update for postgresql16 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Important: Red Hat Security Advisory: PackageKit security update

An update for PackageKit is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

Unity Linux 20.1070e Security Update: netty (UTSA-2026-017793)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017793 advisory. Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a Transfer- Encoding : chunked line, which leads to HTTP request smuggling...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017578)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017578 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

RockyLinux 9 : freeipmi (RLSA-2026:14819)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:14819 advisory. freeipmi: buffer overflows on response messages via ipmi-oem CVE-2026-33554 Tenable has extracted the preceding description block directly from the RockyLinux...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017357)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017357 advisory. lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity Linux...

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

PT-2026-38541

USN-8233-1 fixed a vulnerability in nghttp2. This update provides the corresponding update for Ubuntu 26.04 LTS. Original advisory details: Andrew MacPherson discovered that nghttp2 did not properly validate internal state when the session termination API was called. A remote attacker could...