About the security content of iOS 15.8.7 and iPadOS 15.8.7

About the security content of iOS 15.8.7 and iPadOS 15.8.7 This document describes the security content of iOS 15.8.7 and iPadOS 15.8.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

RHEL 9 : Red Hat JBoss Enterprise Application Platform 8.0.12 (RHSA-2026:3891)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3891 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release o...

Linux Distros Unpatched Vulnerability : CVE-2026-3543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a...

Important: thunderbird

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-053 (ALASFIREFOX-2026-053)

The version of firefox installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-053 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. Th...

CVE-2026-20050 Cisco Secure Firewall Threat Defense Decryption Policy Denial of Service Vulnerability

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...

TencentOS Server 4: glibc (TSSA-2026:0122)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0122 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

ROS-20260304-73-0009

A vulnerability in the mgmtremoveadvadvmonitorcomplete function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260304-73-0015

A vulnerability in the cscfgcsdevenableactiveconfig function of the Linux kernel is related to memory usage after memory is freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

buildah security update

An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...

SUSE SLES16 Security Update : go1.25 (SUSE-SU-2026:20428-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20428-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows...

PT-2026-7770

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.3 iPadOS versions prior to 26.3 Safari versions prior to 26.3 macOS Tahoe versions prior to 26.3 visionOS versions prior to 26.3 Description A flaw exists due to improper memory handling when processing specially craft...

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3155 (ALAS-2026-3155)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3155 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program ...

openSUSE 16 Security Update : openssl-3 (openSUSE-SU-2026:20152-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20152-1 advisory. Security fixes: - CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS12 MAC verification bsc1256829. - CVE-2025-15467: Stack buffer...

USN-8007-1 imagemagick vulnerabilities

It was discovered that ImageMagick incorrectly handled image depth values when processing MIFF image files. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. CVE-2025-43965 It was discovered that ImageMagick incorrectly processed SVG images and MSL...

CVE-2026-24133

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control of the first argument of the addImage method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in...

OESA-2026-1266 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : TeX Live vulnerabilities (USN-7985-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7985-1 advisory. Shin Ando discovered that the Xpdf toolkit embedded in TeX Live incorrectly handled memory when decoding certain data...

USN-7985-1: TeX Live vulnerabilities

Shin Ando discovered that the Xpdf toolkit embedded in TeX Live incorrectly handled memory when decoding certain data streams. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 20.04 L...

RHEL 9 : kernel (RHSA-2026:1494)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1494 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mac80211: fix potential double...