OESA-2026-1945 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

Important: Red Hat Security Advisory: nodejs:22 security update

An update for the nodejs:22 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Ubuntu: Security Advisory (USN-8146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : ImageMagick vulnerabilities (USN-8127-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8127-1 advisory. It was discovered that ImageMagick did not properly process certain tags prior to an image...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.14 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.17 (RHSA-2026:6011)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6011 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...

RHEL 9 : Satellite 6.17.7 Async Update (Important) (RHSA-2026:5970)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5970 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of security aspects in the fredextint module. This vulnerability may lead to...

Ubuntu: Security Advisory (USN-8120-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2026-27535

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.4 iOS versions prior to 26.4 iPadOS versions prior to 26.4 macOS Tahoe versions prior to 26.4 visionOS versions prior to 26.4 Description A flaw exists due to improper memory handling when processing specially craft...

Security Bulletin: Memory Safety Vulnerabilities in SSH Agents and Servers: Out-of-Bounds Read and Unbounded Memory Consumption, affects watsonx.data

Summary SSH Agent servers are vulnerable to out-of-bounds reads when processing malformed new identity requests, which can cause the agent to panic. Additionally, SSH servers handling GSSAPI authentication requests do not validate the number of mechanisms specified, potentially allowing attackers...

MiracleLinux 8 : glibc-2.28-251.el8_10.31 (AXSA:2026-341:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-341:02 advisory. glibc: glibc: Information disclosure via zero-valued network query CVE-2026-0915 glibc: wordexp with WRDEREUSE and WRDEAPPEND may return uninitialize...

SUSE CVE-2026-20636

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

Important: gimp

Issue Overview: GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a...

Linux Distros Unpatched Vulnerability : CVE-2025-43438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1...

Medium: wireshark

Issue Overview: ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file CVE-2024-11596 Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MEGACO dissector infinite...

EUVD-2026-12631

drlibs version 0.13.3 and earlier contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : .NET vulnerabilities (USN-8085-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8085-1 advisory. It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input...

USN-8084-1 curl vulnerabilities

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. CVE-2026-1965 It was discovered that curl incorrectly leaked OAuth...