openSUSE Security Advisory (SUSE-SU-2026:0971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:0960-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2026-14988

An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server Version 10.1.85 and earlier Mitigation: Update UniFi Network Server to...

Security Bulletin: IBM Security QRadar Log Management AQL Plugin is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM Security QRadar Log Management AQL Plugin has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of...

Debian: Security Advisory (DLA-4507-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-62CH-J6X7-722J Connect CMS: Information Disclosure Due to Improper Authorization through the Page Content Retrieval Feature

Security Advisory — Page Content Retrieval Improper Authorization Summary An improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1...

Connect CMS has Stored Cross-site Scripting (XSS) in the File Field of its Form Plugin

Security Advisory — Form Plugin Stored XSS Summary A Stored Cross-site Scripting XSS issue exists in the file field of the Form Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the file field of the Form Plugin, Stored...

Mageia: Security Advisory (MGASA-2026-0061)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4504-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : python-diskcache (2026-319d85836c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-319d85836c advisory. Incorporate patch from Sam Doran to fix CVE-2025-69872 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Debian: Security Advisory (DLA-4506-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-6172-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2026-3256

software: libheif 1.12.0 WASP: ROSA-CHROME unaffected versions = libheif-1.12.0-6 affected versions libheif-1.12.0-6 CVE-ID: CVE-2025-68431 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In libheif HEIF/AVIF decoder/encoder before 1.21.0, when processing a specially formed HEIF with an overlay element ...

Advisory ROSA-SA-2026-3253

Software: haproxy 3.2.13 WASP: ROSA-CHROME unaffected versions = haproxy-3.2.13-1 affected versions haproxy-3.2.13-1 CVE-ID: CVE-2025-11230 BDU-ID: 2025-13169 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the HAProxy server software is related to algorithmic complexity. Exploitation of the...

Advisory ROSA-SA-2026-3251

software: glibc 2.33 AXIS: ROSA-CHROME unaffected versions = glibc-2.33-11.git5f08d1.5 affected versions glibc-2.33-11.git5f08d1.5 CVE-ID: CVE-2026-0915 BDU-ID: 2026-02104 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the getnetbyaddr and getnetbyaddrr functions of the GNU C Library system library...

Advisory ROSA-SA-2026-3250

software: zlib 1.2.13 OS: ROSA-CHROME unaffected versions = zlib-1.2.13-2 affected versions zlib-1.2.13-2 CVE-ID: CVE-2026-27171 BDU-ID: None CVE-Crit: LOW CVE-DESC.: In zlib before 1.3.2, excessive CPU consumption DoS via crc32combine64 and crc32combinegen64 functions is possible: the x2nmodp...

Advisory ROSA-SA-2026-3241

software: openssl 1.1.1w OS: ROSA-CHROME unaffected versions = openssl-1.1.1.1w-5 affected versions openssl-1.1.1.1w-5 CVE-ID: CVE-2025-68160 BDU-ID: 2026-01216 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BIOflinebuffer function of the OpenSSL library is related to an operation exceeding...

Advisory ROSA-SA-2026-3242

software: djvulibre 3.5.29 WASP: ROSA-CHROME unaffected versions = djvulibre-3.5.29-1 affected versions djvulibre-3.5.29-1 CVE-ID: CVE-2021-46312 BDU-ID: 2023-05878 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the IW44EncodeCodec.cpp component of the library for viewing, creating, editing DjVu...

Advisory ROSA-SA-2026-3237

software: libsndfile 1.1.0 OS: ROSA-CHROME unaffected versions = libsndfile-1.1.0-6 affected versions libsndfile-1.1.0-6 CVE-ID: CVE-2025-56226 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Memory leak in Libsndfile =1.2.2 in the mpegl3encoderinit function file mpegl3encode.c. CVE-STATUS: The...

Advisory ROSA-SA-2026-3230

software: avahi 0.8 WASP: ROSA-CHROME unaffected versions = avahi-0.8-12.git35bb1b.4 affected versions avahi-0.8-12.git35bb1b.4 CVE-ID: CVE-2025-68276 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in Avahi mDNS/DNS-SD. An unprivileged local user can cause an avahi-daemon DoS crash by...