Linux Distros Unpatched Vulnerability : CVE-2026-45073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - symfony - None Ubuntu Linux - Unknown description CVE-2026-45073 Note that Nessus relies on the presence of the package as reported by the vendor...
PT-2026-36686
Pre-show: Two thirds of your hosts are sick 🤧 Follow-up: Backblaze & cloud backups Carbon Copy Cloner & Backblaze via Barry Rubenstein Support document Maestral Arq’s approach via Daniel Luz Neo-ing… other things Mythos What makes this different via William Moran GPT-5.5 is equivalent? cURL...
Exploit for CVE-2026-31431
copy-fail-fix Per-distro mitigation scripts for CVE-2026-314...
[SECURITY] Fedora 42 Update: PackageKit-1.3.4-3.fc42
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
[SECURITY] Fedora 43 Update: PackageKit-1.3.4-3.fc43
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
[SECURITY] [DLA 4548-1] distro-info-data database update
Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/ Stefano Rivera April 25, 2026 https://wiki.debian.org/LTS Package : distro-info-data Version : 0.51+deb11u11 This is a routine update of the distro-info-data database for Debian LTS users. It updates t...
Debian dla-4548 : distro-info-data - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4548 advisory. Debian LTS Advisory DLA-4548-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] Fedora 44 Update: PackageKit-1.3.4-3.fc44
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...
Linux Distros Unpatched Vulnerability : CVE-2026-3939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF fil...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: skopeo-fips, rke2-cloud-provider-fips, pulumi, karma, falcoctl, azcopy, crossplane-provider-aws-lambda, kubernetes-csi-external-attacher-fips, sops-fips, kong-ingress-controller-fips, prometheus-node-exporter, longhorn-manager, jobset-fips, json-exporter,...
CVE-2025-11224
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality...
CVE-2021-31828
An SSRF issue in Open Distro for Elasticsearch ODFE before 1.13.1.0 allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Alerting plugin's intended scope...
CVE-2025-47913 vulnerabilities
Vulnerabilities for packages: falco-no-driver, backup-restore-operator, consul-k8s, vault, gitlab-rails-ce-fips, rke2-runtime-fips, terraform, k3s, cert-manager-fips, gitlab-rails-ce...
GHSA-56W8-48FP-6MGV vulnerabilities
Vulnerabilities for packages: falco-no-driver, backup-restore-operator, consul-k8s, vault, gitlab-rails-ce-fips, rke2-runtime-fips, terraform, k3s, cert-manager-fips, gitlab-rails-ce...
CVE-2025-9825
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed authenticated users without project membership to view sensitive manual CI/CD variables by querying the GraphQL API...
CVE-2025-2615
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2, that could have allowed a blocked user to access sensitive information by establishing GraphQL subscriptions through WebSocket connections...
CVE-2025-11865
An issue has been discovered in GitLab EE affecting all versions from 18.1 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that, under certain circumstances, could have allowed an attacker to remove Duo flows of another user...
CVE-2025-6171
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated attacker with reporter access to view branch names and pipeline details by accessing the packages API endpoint even wh...
CVE-2025-11990
GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to gain CSRF tokens by exploiting improper input validation in repository references combined with redirect handling weaknesses...
CVE-2025-52881 vulnerabilities
Vulnerabilities for packages: skopeo-fips, neuvector-scanner-fips, envoy-gateway, k9s, cluster-autoscaler, kots, prometheus-node-exporter, grype-fips, node-feature-discovery, mesosphere-vsphere-csi, cni-plugins-fips, neuvector, falco-no-driver, zarf, kubernetes-csi-driver-nfs-fips,...