6753 matches found

SUSE CVE
added 2026/01/17 12:51 a.m. | 7 views

SUSE CVE-2017-18900

An issue was discovered in Mattermost Server before 4.1.0, 4.0.4, and 3.10.3. It allows CSV injection via a compliance report...

CVSS 9.8 | AI score 7.4 | EPSS 0.01285
Exploits: 0 | References: 2

OSV
added 2026/01/16 7:16 p.m. | 3 views

UBUNTU-CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVSS 2.6 | AI score 5.8 | EPSS 0.00193
Exploits: 0 | References: 2

EUVD
added 2026/01/16 10:6 a.m. | 3 views

EUVD-2026-2913

In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed core max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. This occurred because serialization of those fields used a secrets masker instance that did not include...

CVSS 7.5 | AI score 6.2 | EPSS 0.00586
Exploits: 0 | References: 4

CNNVD
added 2026/01/16 12:0 a.m. | 5 views

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from the lack of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00586
Exploits: 0 | References: 3

Vulnrichment
added 2026/01/16 12:0 a.m. | 3 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVSS 2.6 | AI score 6.8 | EPSS 0.00193
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000801 advisory. The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows...

CVSS 5.5 | AI score 6.5 | EPSS 0.00673
Exploits: 1 | References: 19

ATTACKERKB
added 2026/01/16 12:0 a.m. | 3 views

CVE-2025-61873

Best Practical Request Tracker RT before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used...

CVSS 2.6 | AI score 5.4 | EPSS 0.00193
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001018 advisory. arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of...

CVSS 6.5 | AI score 6.2 | EPSS 0.00563
Exploits: 0 | References: 22

Tenable Nessus
added 2026/01/16 12:0 a.m. | 6 views

MiracleLinux 7 : mariadb-5.5.64-1.el7 (AXSA:2019-4127:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4127:01 advisory. mysql: MyISAM unspecified vulnerability CPU Jul 2018 CVE-2018-3058 mysql: Server: Security: Privileges unspecified vulnerability CPU Jul 2018...

CVSS 6.5 | AI score 6.6 | EPSS 0.0436
Exploits: 0 | References: 10

Tenable Nessus
added 2026/01/16 12:0 a.m. | 5 views

MiracleLinux 3 : net-snmp-5.3.2.2-20.0.1.AXS3 (AXSA:2013-32:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-32:01 advisory. SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SN...

CVSS 3.5 | AI score 7.9 | EPSS 0.02167
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001586 advisory. The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values as distinguished from PID valu...

CVSS 4 | AI score 6.8 | EPSS 0.00334
Exploits: 0 | References: 6

CVE
added 2026/01/16 12:0 a.m. | 19 views

CVE-2025-61873

Summary: CVE-2025-61873 affects Best Practical Request Tracker (RT). The connected Debian advisory confirms the issue is a CSV injection vulnerability in RT exports to TSV from search results, caused by ticket values containing certain characters and exported in TSV, enabling injection. Debian li...

CVSS 2.6 | AI score 6.6 | EPSS 0.00193
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Oracle Linux 9 : transfig (ELSA-2026-0700)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0700 advisory. 1:3.2.7b-11 - Detect nan in spline control values - CVE-2025-46397 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVSS 7.8 | AI score 6.1 | EPSS 0.00251
Exploits: 1 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003767 advisory. In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP...

CVSS 6.5 | AI score 6.6 | EPSS 0.02571
Exploits: 0 | References: 31

Tenable Nessus
added 2026/01/16 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003664 advisory. In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP...

CVSS 6.5 | AI score 6.6 | EPSS 0.02571
Exploits: 0 | References: 31

IBM Security Bulletins
added 2026/01/15 6:47 p.m. | 6 views

Security Bulletin: A security vulnerability in WebSphere Liberty affects IBM Robotic Process Automation for Cloud Pak (CVE-2020-36732).

Summary A security vulnerability in WebSphere Liberty affects IBM Robotic Process Automation for Cloud Pak. WebSphere Application Liberty is used by IBM Robotic Process Automation as part of Antivirus and Abbyy containers as well as UMS. This bulletin identifies the fixes required to address this...

CVSS 5.3 | AI score 6.7 | EPSS 0.01075
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2026/01/15 1:24 a.m. | 4 views

CVE-2025-12051

The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow...

CVSS 7.8 | AI score 7 | EPSS 0.00151
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/15 12:24 a.m. | 4 views

CVE-2025-68792

An out-of-bounds array indexing flaw was found in the Linux kernel's TPM2 session handling code. The name_size lookup function uses TPM_ALG_ID values directly as array indices without bounds checking. An unrecognized algorithm ID could cause out-of-bounds memory access, potentially leading to memory...

CVSS 5.5 | AI score 5.4 | EPSS 0.00166
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/15 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002200)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002200 advisory. The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows...

CVSS 5.5 | AI score 6.5 | EPSS 0.00673
Exploits: 1 | References: 19

CNNVD
added 2026/01/15 12:0 a.m. | 5 views

Juniper Networks Junos OS security vulnerabilities

Juniper Networks Junos OS is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. Vulnerabilities exist in versions of Junos OS prior to 23.4R2-S5, 24.2R2-S1, and 24.4R2. The...

CVSS 8.7 | AI score 5.8 | EPSS 0.00438
Exploits: 0 | References: 2