43 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpag...
Exploit for CVE-2026-42945
NGINX Rift — CVE-2026-42945 Vulnerability Scanning and Verific...
CLSA-2026-1778834899 postfix: Fix of CVE-2023-51764
CVE-2023-51764: fix SMTP smuggling backport of 2.11.11-smuggling-patch...
CLSA-2026-1777059908 binutils: Fix of 4 CVEs
CVE-2022-47673: fix out-of-bounds reads in parsemodule bfd/vms-alpha.c, combined backport of upstream commits c9178f28, 942fa4fb, 77c225bd, 65cf035b and c093f5ee patch also covers CVE-2023-25584 - CVE-2022-47695: fix segfault in objdump comparesymbols on synthetic plt symbols - CVE-2022-47696:...
Fedora: Security Advisory (FEDORA-2026-2301995d0a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : mingw-glib2 (2026-0955012bb5)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0955012bb5 advisory. Backport patch for CVE-2026.0988. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
Fedora: Security Advisory (FEDORA-2026-dc77eb63ae)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2025-40007
In the Linux kernel, the following vulnerability has been resolved: netfs: fix reference leak Commit 20d72b00ca81 "netfs: Fix the request's work item to not require a ref" modified netfsallocrequest to initialize the reference counter to 2 instead of 1. The rationale was that the requet's "work"...
[SECURITY] [DLA 4262-2] libcommons-lang-java regression update
Debian LTS Advisory DLA-4262-2 [email protected] https://www.debian.org/lts/security/ Daniel Leidert September 30, 2025 https://wiki.debian.org/LTS Package : libcommons-lang-java Version : 2.6-9+deb11u2 CVE ID : CVE-2025-48924 A regression has been discovered in the latest release...
CVE-2021-37644
TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to numelements list argument of tf.rawops.TensorListReserve causes the runtime to abort the process due to reallocating a std::vector to have a negative number of elements. The...
CVE-2022-49711
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...
UBUNTU-CVE-2021-47172
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding...
Fedora 37 : python-starlette (2023-b082504356)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-b082504356 advisory. Backport patch for GHSA-v5gw-mw7f-84px Path traversal vulnerability in StaticFiles. Tenable has extracted the preceding description block directly from the...
SUSE CVE-2006-4535
The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of service crash via an SCTP socket with a certain SOLINGER value, possibly related to the patch for CVE-2006-3745. NOTE: older kernel versions for specific Linux distributions are also affected, due to...
SUSE CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
SUSE CVE-2021-37661
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boostedtreescreatequantilestreamresource by using negative arguments. The implementation does not validate that numstreams only contains non-negative numbers. I...
AZL-11526 CVE-2022-41886 affecting package tensorflow for versions less than 2.11.0-1
TensorFlow is an open source platform for machine learning. When tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also...
GHSA-7V94-64HJ-M82H FPE in `ParallelConcat`
Impact The implementation of ParallelConcat misses some input validation and can produce a division by 0: python import tensorflow as tf @tf.function def test: y = tf.rawops.ParallelConcatvalues='tf',shape=0 return y test Patches We have patched the issue in GitHub commit...
CVE-2021-41222
TensorFlow is an open source platform for machine learning. In affected versions the implementation of SplitV can trigger a segfault is an attacker supplies negative arguments. This occurs whenever sizesplits contains more than one value and at least one value is negative. The fix will be include...