FreeBSD-SA-26:21.ptrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:21.ptrace Security Advisory The FreeBSD Project Topic: Missing validation in ptracePTSCREMOTE Category: core Module: ptrace Announced: 2026-05-20 Credits:...

Linux Distros Unpatched Vulnerability : CVE-2026-43417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork/CLONEVM correctly Matthieu and Jiri reported stalls where a task...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021573 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Make qedfexecutetmf non-preemptible Stop calling smpprocessorid from preemptible code...

RHEL 9 : kernel (RHSA-2026:19705)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19705 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: raw: fix ro-uniq...

RHEL 9 : thunderbird (RHSA-2026:19461)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19461 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

RHEL 9 : thunderbird (RHSA-2026:19468)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19468 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

RHEL 9 : rhc (RHSA-2026:19369)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19369 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from improper escaping of custom field contents in the update page, allowing attackers ...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

Mantis Bug Tracker（MantisBT） 访问控制错误漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.1 contained an access control vulnerability. This vulnerability stemmed from allowing authenticated users to upload attachments to private issues that they did n...

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with timestamp updates in the jostle logic, which could prevent slow queries from being...

Linux Distros Unpatched Vulnerability : CVE-2026-43356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: imu: adis: Fix NULL pointer dereference in adisinit The adisinit function dereferences adis-ops to check if the individual function pointers write, read,...

Linux Distros Unpatched Vulnerability : CVE-2026-43286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 mm: hugetlb: fix incorrect fallback for subpool fixed an underflow error for...

RHEL 9 : kernel-rt (RHSA-2026:19711)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19711 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Linux Distros Unpatched Vulnerability : CVE-2026-43322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in lereadfeaturescomplete This fixes the following backtrace...

EUVD-2026-31005

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

CVE-2026-34970 MantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

CVE-2026-34970 MantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

CVE-2026-34970

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...

CVE-2026-34600

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...