Amazon Linux 2023 : ruby4.0, ruby4.0-bundled-gems, ruby4.0-default-gems (ALAS2023-2026-1806)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1806 advisory. Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause...

ROS-20260608-73-0025

The vulnerability of the Microsoft .NET software platform, Microsoft .NET Framework, and the source code editor Visual Studio is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

ROS-20260608-73-0020

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

ROS-20260608-73-0027

The vulnerability of the .NET software platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

Amazon Linux 2023 : aspnetcore-runtime-9.0, aspnetcore-runtime-dbg-9.0, aspnetcore-targeting-pack-9.0 (ALAS2023-2026-1802)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1802 advisory. Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-32177 Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an...

ROS-20260608-73-0017

The vulnerability of the Microsoft .NET software platform, Microsoft .NET Framework, and the source code editor Visual Studio is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

perl-Net-CIDR-Set-0.210.0-1.1 on GA media (moderate)

perl-Net-CIDR-Set-0.210.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10951-1 Rating: moderate Cross-References: CVE-2026-49940 CVE-2026-49941 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixe...

ROS-20260608-73-0023

The vulnerability of the .NET software platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVE-2026-11452

GL.iNet GL-MT3000 (firmware ≤ 4.4.5) exposes a remote command-injection in the SET_USER_PWD Handler (function FUN_0042e200) via the /cgi-bin/glc interface. The vulnerability stems from manipulating the Password parameter, enabling remote execution of commands. Upgrading to firmware 4.8.1 is recom...

CVE-2026-2500

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the qckplydata function passing the user-supplied filename POST parameter directly to filegetcontents without any validation, sanitization, or path restriction. Th...

SUSE CVE-2025-40911

Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero characters in IP CIDR address strings, which could allow attackers to bypass access control that is based on IP addresses. Leading zeros are used to indicate octal numbers, which can confuse users who are...

SUSE CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

SUSE CVE-2026-49941

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...

EulerOS Virtualization 2.13.0 : net-snmp (EulerOS-SA-2026-2180)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an...

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-2102)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2026-2077)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

Slackware Linux 15.0 / current net-tools Vulnerability (SSA:2026-154-02)

The version of net-tools installed on the remote host is prior to 201811030eebece. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-154-02 advisory. New net-tools packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the...

EulerOS Virtualization 2.13.1 : net-snmp (EulerOS-SA-2026-2141)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an...

CVE-2025-15638

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions of libtomcrypt v1.18.1 or earlier, which is affected by CVE-2016-6129 and CVE-2018-12437...

CVE-2026-49941

Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to single IP addresses and passed back to itself as a 32-bit or 128-bit...