PT-2025-41191

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.45 Description A flaw exists within the Linker component of GNU Binutils 2.45, specifically in the bfd elf gc record vtentry function located in the bfd/elflink.c file. This issue allows for an out-of-bounds read. Local...

Plex Media Server: Incorrect resource transfer

Background Plex media server is a media library that is intended for use with a plex client. Description A vulnerability has been discovered in glibc. Please review the CVE identifier referenced below for details. Impact Please review the referenced CVE identifier for details. Workaround There is...

EulerOS Virtualization 2.13.1 : glibc (EulerOS-SA-2025-2160)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled...

EulerOS Virtualization 2.13.1 : gnupg2 (EulerOS-SA-2025-2162)

According to the versions of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that...

EulerOS 2.0 SP13 : coreutils (EulerOS-SA-2025-2133)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

Linux Distros Unpatched Vulnerability : CVE-2025-59378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the...

glibc bug fix update

2.34-168.0.1.23 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history: June-30-2025 Cupertino Miranda - 2.34-168.0.1.20 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi June-9-2025 Cupertino Miranda - 2.34-168.0.1.19 - Forward-port Oracle...

UBUNTU-CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

GNU Guix 安全漏洞

GNU Guix is an open source, cross-platform package manager from the GNU community in the United States. A security vulnerability exists in versions of GNU Guix prior to 1618ca7, which stems from the fact that the content-addressed-mirrors file can be written to create the setuid program,...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2025-1179)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1179 advisory. The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an...

CLSA-2025-1757690669 glibc: Fix of CVE-2019-9169

CVE-2019-9169: fix heap-based buffer over-read in proceednextnode in posix/regexec.c...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2025-2090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2025-2095)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2025-2031)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-43920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Mailman 2.1.39, as bundled in cPanel and WHM, in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2025-2000)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : gnupg2 (EulerOS-SA-2025-2037)

According to the versions of the gnupg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect...