MiracleLinux 7 : firefox-60.7.0-1.0.1.el7.AXS7 (AXSA:2019-3895:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3895:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 Mozilla: Cross-origin theft of images with createImageBitmap...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003093)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003093 advisory. The ext4validblockbitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service out-of-bounds read and system...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001775)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001775 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003381 advisory. An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service out-of- bounds memory access and BUG can occur upon encountering an...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002272 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002145 advisory. The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002866 advisory. The ext4validblockbitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service out-of-bounds read and system...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: exfat: The allocation bitmap’s cluster allocation bits need to be validated. The syzbot exploit created an exfat image with cluster bits not set for the allocation bitmap. The exfat-fs module reads and uses the allocation bitmap...

Astra Linux – Vulnerability in imagemagick

ImageMagick is a open-source software suite for displaying, converting, and editing raster image files. In versions of ImageMagick prior to 7.1.2-7 and 6.9.13-32, there is an integer overflow vulnerability in the BMP decoder on 32-bit systems. The vulnerability occurs in the coders/bmp.c file,...

Use of NullPointerException Catch to Detect NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to Use of NullPointerException Catch to Detect NULL Pointer Dereference in the MultimodalTokenize function that improperly processes NULL from mtmdhelperbitmapinitfrombuf function of vendored llama.cpp. An attacker can cause the applicatio...

CVE-2019-2281

An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS405, QCS605, SD 636, SD 665, SD 675...

CVE-2019-2251

If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

CVE-2025-40764

A vulnerability has been identified in Simcenter Femap V2406 All versions V2406.0003, Simcenter Femap V2412 All versions V2412.0002. The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in th...

SUSE CVE-2025-15279

FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000505 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request This patch addresses a dat...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000492 advisory. A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security...

Oracle Linux 8 : poppler (ELSA-2026-0130)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0130 advisory. 20.11.0-13 - Check bitmap in combine - Resolves: RHEL-131786 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 10 : poppler (ELSA-2026-0128)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0128 advisory. 24.02.0-7 - Check bitmap in combine - Resolves: RHEL-131783, RHEL-131782 Tenable has extracted the preceding description block directly from the Oracle Linux...

poppler security update

21.01.0-23 - Bump release for build inheritance - Resolves: RHEL-131792 21.01.0-22 - Check bitmap in combine - Resolves: RHEL-131795, RHEL-131792...

poppler security update

20.11.0-13 - Check bitmap in combine - Resolves: RHEL-131786...