85 matches found
RockyLinux 9 : glibc (RLSA-2026:20597)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20597 advisory. glibc: glibc: Incorrect DNS response parsing via crafted DNS server response CVE-2026-4437 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr...
glibc security update
An update is available for glibc. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librari...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Typebot 安全漏洞
Typebot is an open-source chat bot builder developed by Baptiste Arnaud. Versions of Typebot prior to 3.16.0 contained security vulnerabilities. These vulnerabilities stemmed from the SRFI protection for Webhook/HTTP requests, which only verified URL strings and allowed host name parameters and...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2026:19061 Moderate: glibc security update
The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
RHEL 10 : glibc (RHSA-2026:19061)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19061 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : glibc (SUSE-SU-2026:1369-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1369-1 advisory. - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. -...
Security update for glibc
This update for glibc fixes the following issues: CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082. Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2026:21019-1 Security update for glibc
This update for glibc fixes the following issues: Security fixes: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082. Other fixes: - nss: Missing checks in...
OPENSUSE-SU-2026:20501-1 Security update for glibc
This update for glibc fixes the following issues: Security fixes: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082. Other fixes: - nss: Missing checks in...
SUSE-SU-2026:21039-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082...
SUSE-SU-2026:21069-1 Security update for glibc
This update for glibc fixes the following issues: - CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response bsc1260078. - CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions bsc1260082...
CVE-2026-24028 Out-of-bounds read when parsing DNS packets via Lua
An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses newDNSPacketOverlay to parse DNS packets. The out-of-bounds read might trigger a crash, leading to a denial of service, or access unrelated memory, leading to potential...
📄 Starlink DNS Rebinding
This Metasploit auxiliary module implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. The module operates by running a malicious DNS server that dynamically switches responses from a public IP to internal network targets, enabling access to internal services. It als...
EulerOS 2.0 SP11 : libwebsockets (EulerOS-SA-2026-1613)
According to the versions of the libwebsockets package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Use After Free vulnerability exists in the WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets. In specific...
EUVD-2026-9466
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...
PT-2026-23025
Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking...
MiracleLinux 9 : toolbox-0.0.99.5-5.el9 (AXSA:2024-9104:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9104:02 advisory. golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: html/templat...
MiracleLinux 7 : sssd-1.13.0-40.el7 (AXSA:2015-829:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-829:03 advisory. Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a...