Fedora: Security Advisory (FEDORA-2026-beac8e1f11)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : dnf5 (2026-4e264a94a4)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4e264a94a4 advisory. This release fixes CVE-2026-3836 a crash in dnf5daemon-server when receiving an unknown locale from a D-Bus client. Tenable has extracted the...

Fedora: Security Advisory (FEDORA-2026-4e264a94a4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2024-27691

Malicious code in bioql PyPI...

CVE-2024-1930 affecting package dnf5 for versions less than 5.0.14-3

CVE-2024-1930 affecting package dnf5 for versions less than 5.0.14-3. A patched version of the package is available...

CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-2

CVE-2024-1929 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...

CVE-2024-2746 affecting package dnf5 for versions less than 5.1.11-2

CVE-2024-2746 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...

CVE-2024-1930 affecting package dnf5 for versions less than 5.1.11-2

CVE-2024-1930 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...

CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

AZL-66105 CVE-2024-1930 affecting package dnf5 for versions less than 5.0.14-3

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the opensession D-Bus method. For each...

CVE-2024-2746 Incomplete fix for CVE-2024-1929

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...