MiracleLinux 8 : java-17-openjdk-17.0.13.0.11-3.el8 (AXSA:2024-8948:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8948:16 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

MiracleLinux 7 : dpdk-18.11.8-2.el7 (AXSA:2023-4760:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4760:01 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.342.b07-1.el7 (AXSA:2022-3599:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3599:06 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

RHSA-2026:0698 Red Hat Security Advisory: mariadb-devel:10.3 security update

Bulletin has no description...

Command Injection

Kottster is vulnerable to Command Injection. The vulnerability is due to insecure handling of development-mode functionality, which allows an unauthenticated attacker to execute arbitrary code on the server when the application is running in development mode...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.191.b12-0.AXS4 (AXSA:2018-3360:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3360:04 advisory. OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-31...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.151-1.b12.AXS4 (AXSA:2017-2337:08)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2337:08 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

RHEL 8 : mariadb-devel:10.3 (RHSA-2026:0698)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0698 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.39.b17.AXS4 (AXSA:2011-61:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-61:02 advisory. The Java Platform Standard Edition Development Kit JDK includes both the runtime environment Java virtual machine, the Java platform classes and...

kernel-devel-6.18.5-1.1 on GA media (moderate)

kernel-devel-6.18.5-1.1 on GA media Announcement ID: openSUSE-SU-2026:10039-1 Rating: moderate Cross-References: CVE-2025-68332 CVE-2025-68335 CVE-2025-68336 CVE-2025-68337 CVE-2025-68344 CVE-2025-68345 CVE-2025-68346 CVE-2025-68347 CVE-2025-68348 CVE-2025-68349 CVE-2025-68350 CVE-2025-68351...

CVE-2025-8090 Vulnerability in the QNX Neutrino Kernel impacts the QNX Software Development Platform and QNX OS for Safety

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

GHSA-524M-Q5M7-79MM Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails

Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...

MiracleLinux 8 : luksmeta-9-4.el8_10.1 (AXSA:2025-11519:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11519:01 advisory. luksmeta: Data corruption when handling LUKS1 partitions with luksmeta CVE-2025-11568 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.462.b08-2.el8 (AXSA:2025-10573:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10573:11 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve scripting supports CVE-2025-30761 JDK: Bette...

MiracleLinux 9 : java-17-openjdk-17.0.14.0.7-2.el9.ML.1 (AXSA:2025-9583:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9583:02 advisory. JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The Red Hat OpenJDK packages rely on the copy-jdk-configs package to transfer configuration files to a...

MiracleLinux 8 : java-17-openjdk-17.0.16.0.8-2.el8 (AXSA:2025-10574:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10574:10 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059...

Microsoft Windows SDK < 10.0.26100.7463 Inbox COM Objects (Global Memory) RCE (January 2026)

The version of Microsoft Windows SDK installed on the remote host is prior to 10.0.26100.7463. It is, therefore, affected by a remote code execution vulnerability: - Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. CVE-2026-21219 Note that Nessus has no...

OPENSUSE-SU-2026:10039-1 kernel-devel-6.18.5-1.1 on GA media

These are all security issues fixed in the kernel-devel-6.18.5-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-68656

CVE-2025-68656 affects the ESP-IDF USB Host HID Driver. Before 1.1.0, usb_class_request_get_descriptor() frees and reallocates hid_device-&gt;ctrl_xfer while continuing to use a stale local pointer, causing an immediate use-after-free when processing attacker-controlled Report Descriptor lengths....