Fedora 44 : cockpit (2026-ac9d9c87c8)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ac9d9c87c8 advisory. Automatic update for cockpit-362-1.fc44. Changelog for cockpit Wed May 20 2026 Packit - 362-1 - Bug fixes and translation updates - Fix arbitrary code...

Fedora: Security Advisory (FEDORA-2026-42f1aaa820)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : cockpit (2026-42f1aaa820)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-42f1aaa820 advisory. Automatic update for cockpit-360-1.fc43. Changelog for cockpit Wed Apr 08 2026 Packit - 360-1 - ws: be more explicit when handling hostnames on cli...

SUSE: Security Advisory (SUSE-SU-2026:20337-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : cockpit (openSUSE-SU-2026:20182-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20182-1 advisory. - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global prototypes bsc1257324. Tenable has...

EUVD-2024-47977

Malicious code in bioql PyPI...

Mageia: Security Advisory (MGASA-2025-0181)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2024-6126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads t...

openSUSE Security Advisory (openSUSE-SU-2024:0206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-1025

Versions of the package cockpit-hq/cockpit before 2.4.1 are vulnerable to Arbitrary File Upload where an attacker can use different extension to bypass the upload filter...

Arbitrary File Upload

Overview Affected versions of this package are vulnerable to Arbitrary File Upload where an attacker can use different extension to bypass the upload filter. PoC php " document.getElementById"cmd".focus; Remediation Upgrade cockpit-hq/cockpit to version 2.4.1 or higher. References - GitHub Commit...

Fedora: Security Advisory (FEDORA-2024-9eb3674b7c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

DEBIAN-CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

UBUNTU-CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

CVE-2024-6126

Consolidated details show CVE-2024-6126 affects the cockpit package across multiple Linux distributions. The issue arises when pam_env's user_readenv option is enabled, allowing an authenticated user to terminate any process, causing a DoS. Public advisories reference fixes in cockpit updates (e....

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack...

CVE-2024-6126

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service DoS attack. Mitigation Disable pamenv's userreadenv option in PAM config...