openSUSE 16 Security Update : perl-YAML-Syck (openSUSE-SU-2026:20938-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20938-1 advisory. Changes in perl-YAML-Syck: - CVE-2026-5089: prevent buffer underflow in base60 sexagesimal parsing PR 133 bsc1265155. Tenable has extracted the precedin...

OPENSUSE-SU-2026:20938-1 Security update for perl-YAML-Syck

This update for perl-YAML-Syck fixes the following issues: Changes in perl-YAML-Syck: - CVE-2026-5089: prevent buffer underflow in base60 sexagesimal parsing PR 133 bsc1265155...

Fedora 45 : vorbis-tools (2026-9c00940406)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9c00940406 advisory. Automatic update for vorbis-tools-1.4.3-5.fc45. Changelog Tue Jun 9 2026 Luk Zaoral - 1:1.4.3-5 - CVE-2026-34253 - fix arbitrary code execution via buffer...

Medium: vorbis-tools

Issue Overview: A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow...

Medium: vorbis-tools

Issue Overview: A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control functionality when processing malformed input, leading to a stack buffer underflow...

Medium: perl-YAML-Syck

Issue Overview: YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the...

Medium: capstone

Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Comm...

TencentOS Server 4: vorbis-tools (TSSA-2026:0408)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0408 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Amazon Linux 2 : vorbis-tools, --advisory ALAS2-2026-3349 (ALAS-2026-3349)

The version of vorbis-tools installed on the remote host is prior to 1.4.0-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3349 advisory. A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function...

Amazon Linux 2 : perl-YAML-Syck, --advisory ALAS2-2026-3327 (ALAS-2026-3327)

The version of perl-YAML-Syck installed on the remote host is prior to 1.27-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3327 advisory. YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a...

Amazon Linux 2023 : vorbis-tools (ALAS2023-2026-1812)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1812 advisory. A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control...

EulerOS Virtualization 2.13.0 : libssh (EulerOS-SA-2026-2176)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libssh: Denial of Service via improper configuration file handlingCVE-2026-0965 libssh: Improper sanitation of paths received from S...

EulerOS Virtualization 2.13.1 : libssh (EulerOS-SA-2026-2137)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libssh: Denial of Service via improper configuration file handlingCVE-2026-0965 libssh: Improper sanitation of paths received from S...

RockyLinux 10 : libssh (RLSA-2026:18160)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:18160 advisory. libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 libssh: Improper sanitation of paths received from SCP servers CVE-2026-0964...

Security update for vorbis-tools (moderate)

openSUSE security update: security update for vorbis-tools ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20891-1 Rating: moderate References: bsc1265361 Cross-References: CVE-2026-34253 CVSS scores: CVE-2026-34253 SUSE : 3.3...

OPENSUSE-SU-2026:20891-1 Security update for vorbis-tools

This update for vorbis-tools fixes the following issues: Changes in vorbis-tools: - CVE-2026-34253: Fix buffer underflow in the ogg123 utility in function remotethread of remote.c bsc1265361:...

RockyLinux 9 : glib2 (RLSA-2026:19361)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19361 advisory. glib: GLib: Buffer underflow in GVariant parser leads to heap corruption CVE-2025-14087 glib: Integer Overflow in GLib GIO Attribute Escaping Causes Hea...

RLSA-2026:19148 Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...

libssh security update

An update is available for libssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

glib2 security update

An update is available for glib2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GLib provides the core application building blocks for libraries and...