MiracleLinux 4 : samba-3.6.23-24.AXS4 (AXSA:2016-013:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-013:01 advisory. Samba is the suite of programs by which a lot of PC-related machines share files, printers, and other information such as lists of available files an...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

firefox: thunderbird: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component...

net: stmmac: fix the crash issue for zero copy XDP_TX action

...

firefox: thunderbird: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component...

SUSE CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

CVE-2025-71070

A reference count leak flaw was found in the Linux kernel's ublk userspace block driver subsystem. When a ublk server process exits while requests are still pending, the reference counts for those requests are not properly decremented. This leads to WARNONONCE warnings and could potentially allow...

gnupg2 security update

2.2.20-4 - Fix CVE-2025-68973 gpg.fail/memcpy...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001828 advisory. fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference le...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002727 advisory. An issue was discovered in the Linux kernel before 4.19.3. cryptoreportone and related functions in crypto/cryptouser.c the crypto user configuration API do not full...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003108 advisory. In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002800 advisory. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write...

PT-2026-3153

Name of the Vulnerable Software and Affected Versions Dolibarr ERP-CRM version 14.0.2 Description Dolibarr ERP-CRM version 14.0.2 has a stored cross-site scripting issue in the ticket creation module. Low-privilege users can inject malicious scripts. An attacker can create a specially designed...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003167 advisory. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002282 advisory. Buffer overflow in the completeemulatedmmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001797 advisory. The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic an...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox: thunderbird: Memor...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002684)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002684 advisory. The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB...

Oracle Linux 10 : gnupg2 (ELSA-2026-0697)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0697 advisory. - Fix CVE-2025-68973 gpg.fail/memcpy Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...