Alibaba Cloud Linux 3 : 0138: glibc (ALINUX3-SA-2025:0138)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0138 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-0395: When the assert function in...

OESA-2025-2046 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2025-2045 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2025-2044 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Linux Distros Unpatched Vulnerability : CVE-2019-1010024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE:...

GNU cflow Buffer Overflow Vulnerability

GNU cflow is a flowchart generator for the US GNU community that reads C source files and generates externally referenced flowcharts. A buffer overflow vulnerability exists in GNU cflow version 1.8 and earlier, which originates from a boundary error when the application handles untrusted input. A...

EulerOS 2.0 SP11 : gnupg2 (EulerOS-SA-2025-1952)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect...

EulerOS 2.0 SP13 : gnupg2 (EulerOS-SA-2025-1989)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect...

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2025-1951)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

CLSA-2025-1755005189 glibc: Fix of CVE-2025-8058

CVE-2025-8058: fix double-free after allocation failure in regcomp...

[SECURITY] Fedora 42 Update: mingw-python3-3.11.13-4.fc42

MinGW Windows python3...

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2025-1975)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2025-8736

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

SUSE CVE-2025-8746

A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...

CVE-2025-8746

A buffer overflow flaw was found in libopts. The strstrsse2 function is susceptible to memory corruption due to manipulation of internal data structures. A local attacker can trigger this vulnerability. Exploitation occurs through crafted input, potentially leading to a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2022-23218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The deprecated compatibility function svcunixcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its path argument on the stack witho...

CVE-2025-8733

A flaw was found in bison. The obstackvprintfinternal function in obprintf.c contains an issue where manipulation can lead to a reachable assertion, allowing a local attacker to trigger an assertion failure. This condition is exploitable via crafted input. The primary consequence of this...

Linux Distros Unpatched Vulnerability : CVE-2025-45582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an...

Linux Distros Unpatched Vulnerability : CVE-2022-23219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The deprecated compatibility function clntcreate in the sunrpc module of the GNU C Library aka glibc through 2.34 copies its hostname argument on the stack...

CVE-2025-8746

A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...