MiracleLinux 9 : podman-5.6.0-6.el9_7 (AXSA:2025-11464:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11464:11 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has...

CVE-2025-59470

This vulnerability allows a Backup Operator to perform remote code execution RCE as the postgres user by sending a malicious interval or order parameter...

CVE-2025-59468

This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...

SUSE SLES15 Security Update : php8 (SUSE-SU-2026:0086-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0086-1 advisory. Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading imag...

Veeam Backup and Replication < 13.0.1.1071 Multiple Vulnerabilities (January 2026) (KB4792)

The version of Veeam Backup and Replication installed on the remote Windows host is prior to 13.0.1.1071. It is, therefore, affected by multiple vulnerabilities: - This vulnerability allows a Backup or Tape Operator to perform remote code execution RCE as root by creating a malicious backup...

Exploit for CVE-2025-59470

CVE-2025-59470 CVE-2025-59470 PoC exploit targeting Veeam B...

CVE-2025-59468

This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...

CVE-2025-59470

This vulnerability allows a Backup Operator to perform remote code execution RCE as the postgres user by sending a malicious interval or order parameter...

CVE-2025-59470

This vulnerability allows a Backup Operator to perform remote code execution RCE as the postgres user by sending a malicious interval or order parameter...

CVE-2025-59468

This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...

CVE-2025-59470

This vulnerability allows a Backup Operator to perform remote code execution RCE as the postgres user by sending a malicious interval or order parameter...

CVE-2025-59468

This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...

CVE-2025-59468

CVE-2025-59468 affects Veeam Backup & Replication. A Backup Administrator can achieve remote code execution as the postgres user by submitting a crafted password parameter. Red Hat and other sources corroborate the issue; Veeam’s KB4792 confirms the remediation: upgrade to 13.0.1.1071 where this ...

CVE-2025-59470

This vulnerability allows a Backup Operator to perform remote code execution RCE as the postgres user by sending a malicious interval or order parameter...

CVE-2025-59468

This vulnerability allows a Backup Administrator to perform remote code execution RCE as the postgres user by sending a malicious password parameter...

CVE-2025-59470

The CVE-2025-59470 issue affects Veeam Backup & Replication (versions 13.0.1.180 and earlier). The vulnerability allows a user with Backup or Tape Operator privileges to trigger remote code execution as the postgres user by sending crafted interval or order parameters in backup configurations. Pu...

Security update for php8

This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...

PT-2026-1821

Name of the Vulnerable Software and Affected Versions Veeam affected versions not specified Description The software contains a flaw that enables a Backup Administrator to execute code remotely as the postgres user. This is achieved by submitting a crafted password parameter. The issue allows for...

PT-2026-1644

Veeam Backup & Replication and Affected Versions Veeam Backup & Replication versions 13.0.1.180 and earlier Description A critical remote code execution RCE vulnerability exists in Veeam Backup & Replication software. This flaw, tracked as CVE-2025-59470, has a CVSS score of 9.0 and allows a user...

PT-2026-7843

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.2 PostgreSQL versions prior to 17.8 PostgreSQL versions prior to 16.12 PostgreSQL versions prior to 15.16 PostgreSQL versions prior to 14.21 Description A flaw exists in PostgreSQL due to improper validation of...