CLSA-2026-1779535502 unbound: Fix of CVE-2026-33278

CVE-2026-33278: possible remote code execution during DNSSEC validation via a dangling rrsets pointer in dnsmsgdeepcopyregion exposed by the backported KeyTrap mitigation...

gdk-pixbuf2 security update

2.36.12-3.0.3 - Backport fixes for CVE-2026-5201 Orabug: 39288631 2.36.12-3.0.1 - jpeg: Be more careful with chunked icc data Orabug: 38359772CVE-2025-7345...

CLSA-2026-1777446517 squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...

Oracle Linux 8 : gdk-pixbuf2 (ELSA-2026-10741)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10741 advisory. - Backport fixes for CVE-2026-5201 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Fedora: Security Advisory (FEDORA-2026-178c482e71)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2026-11160

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

DEBIAN-CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

CVE-2026-3904

The CVE-2026-3904 issue affects the GNU C Library (GLIBC) v2.36 on x86_64 where memcmp, used by an NSS-backed path accessing nscd client code, may operate on inputs concurrently modified by other threads. This undefined behavior could crash the nscd client and dependent applications. The vulnerab...

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

PT-2026-24675

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86 64 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in th...

Fedora 42 : python-pillow (2026-0d673fa503)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0d673fa503 advisory. Backport fix for CVE-2026-25990. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 42 : harfbuzz (2026-bac983cf83)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bac983cf83 advisory. Backport security fix for CVE-2026-22693 fix RHBZ2429278 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

Fedora 42 : python-pdfminer (2026-4686d11563)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4686d11563 advisory. Backport fix for CVE-2025-64512 / GHSA-wf5f-4jwr-ppcp Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora: Security Advisory (FEDORA-2025-be2f64c384)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : python-pdfminer (2025-453047be66)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-453047be66 advisory. Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512 Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 42 : mingw-poppler (2025-591ef9306a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-591ef9306a advisory. Backport fix for CVE-2025.52885. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : mingw-qt5-qtsvg / mingw-qt6-qtsvg (2025-f11955cbd4)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-f11955cbd4 advisory. Backport fix for CVE-2025-10729. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 42 : mingw-poppler (2025-15b4c6bad6)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-15b4c6bad6 advisory. Backport fix for CVE-2025-43718. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: git (UTSA-2025-986160)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986160 advisory. Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subjec...