Fedora 44 : microcode_ctl (2026-3b12e49fee)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3b12e49fee advisory. - Update to upstream 2.1-51. 20260210 - Addition of 06-ae-01/0x97 GNR-D B0/B1 microcode at revision 0x10002f3; - Update of 06-6a-06/0x87 ICX-SP D0 microcode...

Linux Distros Unpatched Vulnerability : CVE-2025-69646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the...

CVE-2026-0995

An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME...

SUSE-SU-2026:20682-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release bsc1258046: - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a...

CVE-2026-28804

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can exploit this vulnerability by crafting a malicious PDF file that utilizes the /ASCIIHexDecode filter. Processing this specially crafted PDF can lead to excessively long runtimes, resulting in a Denial of Service DoS for t...

NewStart CGSL MAIN 6.06 (SP) : python3 Multiple Vulnerabilities (NS-SA-2026-0032)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has python3 packages installed that are affected by multiple vulnerabilities: - Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning of URI path whi...

Textream Resource Management Error Vulnerability

Textream is a teleprompter application. A resource management error vulnerability exists in Textream that stems from the DirectorServer WebSocket server not limiting concurrent connections, which can be exploited by an attacker to cause CPU and memory exhaustion, freezing and crashing the...

CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8074-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8074-1 advisory. It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory...

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005735)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005735 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at cod...

CLSA-2026-1772645765 Update of alt-php

New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21ver:0x0B002161, cpuid:0x00B00F81ver:0x0B008121, cpuid:0x00B10F10ver:0x0B101058, cpuid:0x00B20F40ver:0x0B204037, cpuid:0x00B40F40ver:0x0B404035,...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

SUSE-SU-2026:0802-1 Security update for python

This update for python fixes the following issues: - CVE-2024-7592: excess CPU resource consumption in http.cookies module bsc1229596...

SUSE-SU-2026:20646-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes one security issue The following security issue was fixed: - CVE-2025-40130: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling bsc1253415...

K000160227: Linux kernel vulnerability CVE-2025-37849

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005480 advisory. In the Linux kernel, the following vulnerability has been resolved: tick/broadcast: Move per CPU pointer access into the atomic section The recent fix for making the...

CVE-2025-62817

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session-ncphdrbuf in pilotparsingncp causes a denial of service...

CVE-2025-66363

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages...