CVE-2026-23955

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be...

MiracleLinux 7 : ksh-20120801-140.el7 (AXSA:2020-4475:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4475:02 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

MiracleLinux 8 : fwupd-1.1.4-7.0.1.el8, grub2-2.02-87.0.1.el8, shim-15-15.0.1, shim-unsigned-x64-15-8.0.1.el8 (AXSA:2020-773:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-773:01 advisory. grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process CVE-2020-10713 grub2: grubmalloc does not validate allocation...

MiracleLinux 9 : sysstat-12.5.4-5.el9 (AXSA:2023-5796:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5796:03 advisory. sysstat: arithmetic overflow in allocatestructures on 32 bit systems CVE-2022-39377 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : ksh-20120801-38.AXS4 (AXSA:2020-4474:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4474:01 advisory. ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection CVE-2019-14868 Tenable has extracted the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003902 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain ORNULL...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004467)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004467 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001404 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004777 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain ORNULL...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001197 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003955)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003955 advisory. kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : klibc vulnerabilities (USN-7959-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7959-1 advisory. It was discovered that zlib, vendored in klibc, did not properly handle integer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003258 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have...

USN-7959-1 klibc vulnerabilities

It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

USN-7959-1: klibc vulnerabilities

It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

MiracleLinux 7 : rsync-3.1.2-12.0.5.el7.AXS7 (AXSA:2025-11113:09)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11113:09 advisory. CVE-2016-9840: fix improper pointer arithmetic in inftrees.c CVEs: CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have...

CVE-2023-45927

S-Lang 2.3.2 was discovered to contain an arithmetic exception via the function ttsprintf...

CVE-2021-41612

An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...

CVE-2022-33067

Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions getmagic in lrzip.c and Predictor::init in libzpaq/libzpaq.cpp. These vulnerabilities allow attackers to cause a Denial of Service via unspecified vectors...

PT-2026-24131

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 Description ImageMagick is software used for editing and manipulating digital images. A heap over-read issue exists in the MAT decoder due to incorrect...