Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004387 advisory. A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka...

MiracleLinux 7 : exiv2-0.27.0-2.el7 (AXSA:2019-4178:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4178:01 advisory. exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp CVE-2017-17724 exiv2: out-of-bounds read in...

MiracleLinux 7 : php-5.4.16-43.el7.1 (AXSA:2018-2623:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2623:01 advisory. php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function CVE-2017-7890 Tenable has extracted the preceding description block directly...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004185 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...

Cisco IOS XE Software Unified Threat Defense Snort Intrusion Prevention System Engine Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)

According to its self-reported version, Cisco IOS-XE Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restar...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000752 advisory. In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation wh...

CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002540 advisory. In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation wh...

PT-2026-3110

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S8 Juniper Networks Junos OS versions 23.2 through 23.2R2-S5 Juniper Networks Junos OS versions 23.4 through 23.4R2-S6 Juniper Networks Junos OS versions 24.2 through 24.2R2-S2 Juniper Network...

openSUSE 16 Security Update : libpng16 (openSUSE-SU-2026:20017-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20017-1 advisory. - CVE-2025-64505: heap buffer over-read in pngdoquantize when processing PNG files malformed palette indices bsc1254157. - CVE-2025-64506: heap...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003288)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003288 advisory. In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211setstation wh...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002400 advisory. The ieee80211radiotapiteratorinit function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of t...

LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_*

...

MiracleLinux 4 : php-5.3.3-3.AXS4.5 (AXSA:2012-30:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-30:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers...

Juniper Junos OS Vulnerability (JSA103166)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103166 advisory. - A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to...

ROS-20260114-7328

A vulnerability in the net/sched/schcake.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability may allow an attacker to gain access to confidential data, violate its integrity, and cause a denial of...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid potential buffer over-reading in parseapplysbmountoptions. Unlike other strings in the ext4 superblock, we rely on tune2fs to ensure that smountopts is terminated with NUL. We need to make parseapplysbmountoptions mor...

Astra Linux – Vulnerability in ffmpeg

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...

Security update for util-linux

This update for util-linux fixes the following issues: CVE-2025-14104: Fixed heap buffer overread in setpwnam when processing 256-byte usernames bsc1254666. lscpu: Add support for NVIDIA Olympus arm64 core jscPED-13682. Patch Instructions: To install this SUSE update use the SUSE recommended...