MiracleLinux 9 : libtiff-4.4.0-2.el9 (AXSA:2022-4563:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4563:04 advisory. libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 libtiff: Null source pointer lead to Denial of Service via crafted TIFF file...

MiracleLinux 8 : container-tools:4.0 (AXSA:2023-5976:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5976:02 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions...

ROS-20260120-7305

A vulnerability in the tcp component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260120-7364

A vulnerability in the ibftattrshownic driver function drivers/firmware/iscsiibft.c of the Linux kernel is related to read errors outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Node.js security vulnerabilities

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There are security vulnerabilities in Node.js, which stem from unhandled TLSSocket errors when processing malformed HTTP/2 HEADERS frames. These vulnerabilities can lead to process crashes...

ROS-20260120-7313

A vulnerability in the genelinkbind function drivers/net/usb/gl620a.c of the Linux operating system kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Mozilla Firefox and Mozilla Firefox ESR Buffer Overflow Vulnerability (CNVD-2026-11800)

Mozilla Firefox is an open source web browser from the Mozilla Foundation, USA.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation, USA. Mozilla Firefox and Mozilla Firefox ESR suffer from a buffer overflow vulnerability caused by incorrect bounda...

MiracleLinux 8 : opensc-0.20.0-2.el8 (AXSA:2021-1113:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1113:01 advisory. opensc: Out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c CVE-2019-15945 opensc: Out-of-bounds access of an ASN.1...

ROS-20260119-7359

A vulnerability in the arch/x86/kvm/hyperv.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7303

A vulnerability in the mxc-jpeg.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7388

A vulnerability in the rprocalloc function of the remoteproc driver drivers/remoteproc/remoteproccore.c of the Linux kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7330

A vulnerability in the vidtvbridge.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7383

A vulnerability in the net/batman-adv components of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

FreeBSD : oauth2-proxy -- multiple vulnerabilities (fb561db9-0fc1-4d92-81a2-ee01839c9119)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fb561db9-0fc1-4d92-81a2-ee01839c9119 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number...

ROS-20260119-7337

A vulnerability in the int3472/discrete.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7399

A vulnerability in the uvcvideo component of the Linux operating system kernel is related to resource release errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-14435

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

MGASA-2026-0009 Updated nodejs packages fix security vulnerabilities

Node.js HTTP/2 server crashes with unhandled error when receiving malformed HEADERS frame. CVE-2025-59465 Uncatchable "Maximum call stack size exceeded" error on Node.js via asynchooks leads to process crashes bypassing error handlers. CVE-2025-59466 Bypass File System Permissions using crafted...

Updated nodejs packages fix security vulnerabilities

Node.js HTTP/2 server crashes with unhandled error when receiving malformed HEADERS frame. CVE-2025-59465 Uncatchable "Maximum call stack size exceeded" error on Node.js via asynchooks leads to process crashes bypassing error handlers. CVE-2025-59466 Bypass File System Permissions using crafted...

Linux Distros Unpatched Vulnerability : CVE-2026-22865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, so...