9203 matches found
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of the algif_aead module by running the following commands as an administrator user: echo...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of the algif_aead module by running the following commands as an administrator user: echo...
Important: kernel6.18
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of the algif_aead module by running the following commands as an administrator user: echo...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of the algif_aead module by running the following commands as an administrator user: echo...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen /etc/modprobe.d/disable-algif.conf rmmod algif_aead Some Amazon Linux 2 systems on the ARM64 architecture may fail the above rmmod command as they have the algif_ae...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen /etc/modprobe.d/disable-algif.conf rmmod algif_aead Some Amazon Linux 2 systems on the ARM64 architecture may fail the above rmmod command as they have the algif_ae...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of the algif_aead module by running the following commands as an administrator user: echo...
Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1650)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1650 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. To mitigate this issue, we recommend that customers disable loading of t...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-120 (ALASKERNEL-5.4-2026-120)
The version of kernel installed on the remote host is prior to 5.4.302-223.469. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2026-120 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-116 (ALASKERNEL-5.10-2026-116)
The version of kernel installed on the remote host is prior to 5.10.252-250.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-116 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to...
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
Targeting multiple industries worldwide, the InstallFix campaign uses fake Claude AI installer pages to trick users into running malware that collects system information, disables security features, achieves persistence, and connects to attacker-controlled C&C servers for additional payloads...
CVE-2026-6525
A flaw was found in the IEEE 802.11 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation: If the IEEE 802.11 protocol dissector is not being used, it can be...
CVE-2026-42236
Summary: CVE-2026-42236 affects n8n, an open source workflow automation platform. The issue is in the MCP OAuth client registration endpoint, which accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could perform a denia...
Security Bulletin: Vulnerability in urllib3 affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary: A potential vulnerability in urllib3 has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerabili...
JLSEC-2026-436
libcurl can in some circumstances reuse the wrong connection when asked to do a Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...
Security Bulletin: Denial of Service in urllib3 via Unbounded Decompression of Redirect Responses
Summary: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on t...
CVE-2026-6526
A flaw was found in Wireshark, a network protocol analyzer. By processing a specially crafted Real-Time Streaming Protocol (RTSP) packet, a remote attacker could cause the Wireshark application to crash, leading to a denial of service. This vulnerability affects the RTSP protocol dissector...
CVE-2026-6538
A flaw was found in Wireshark. A remote attacker could exploit a crash in the BEEP (Blocks Extensible Exchange Protocol) dissector by crafting a malicious BEEP packet. This vulnerability leads to a Denial of Service (DoS), causing Wireshark to become unresponsive. Mitigation: To mitigate this issue,...
PT-2026-36989
Name of the Vulnerable Software and Affected Versions: phpVMS versions 7.x through 7.0.5. Description: A critical issue in the legacy importer component allows unauthenticated access to a deprecated import feature. A remote attacker can trigger internal processes to modify or delete application data...
glusterfs: Fix of 2 CVEs
CVE-2018-10923: posix: disable open/read/write on special files - CVE-2018-14651: server: don't allow '/' in basename...