RHEL 8 : gnupg2 (RHSA-2026:0974)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0974 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...

VulnCheck KEV: CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

Azure Linux 3.0 Security Update: dietlibc (CVE-2015-1473)

The version of dietlibc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-1473 advisory. - The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not...

RHEL 8 : gnupg2 (RHSA-2026:1014)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1014 advisory. The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Securi...

GHSA-5PF6-63V3-88HW vulnerabilities

Vulnerabilities for packages: glibc...

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

CVE-2026-24061

Summary: CVE-2026-24061 affects GNU Inetutils’ telnetd (up to 2.7) and enables remote authentication bypass by setting the USER environment variable to "-f root". This can lead to unauthorized root access if telnetd is reachable. What’s affected (per provided docs): inetutils telnetd; GNU Inetuti...

CVE-2026-24061

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable...

Linux Distros Unpatched Vulnerability : CVE-2025-15281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized...

Important: gnupg2

Issue Overview: In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions. CVE-2025-68973 Affected Packages: gnupg2 Note: This advisory ...

GNU Inetutils 参数注入漏洞

GNU InetUtils telnetd is a telnet service daemon in the GNU InetUtils suite that listens on TCP port 23 and provides clients with plaintext terminal access based on the Telnet protocol. A remote authentication bypass vulnerability exists in GNU InetUtils Telnetd, which can be exploited to bypass...

CVE-2025-15281

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

CVE-2025-15281

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

CVE-2025-15281

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

CVE-2025-15281

CVE-2025-15281 concerns the GNU C Library (glibc). The issue arises when wordexp is used with WRDE_REUSE together with WRDE_APPEND, which can cause we_wordv to be returned with uninitialized memory. On subsequent wordfree calls this memory state may trigger a process abort. The CVE is reflected i...

CVE-2025-15281

Calling wordexp with WRDEREUSE in conjunction with WRDEAPPEND in the GNU C Library version 2.0 to version 2.42 may cause the interface to return uninitialized memory in the wewordv member, which on subsequent calls to wordfree may abort the process...

gnupg2 security update

An update is available for gnupg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating...

RLSA-2026:0719 Important: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973 For more details about...

MiracleLinux 8 : glibc-2.28-127.el8 (AXSA:2020-1011:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1011:05 advisory. glibc: array overflow in backtrace functions for powerpc CVE-2020-1751 glibc: use-after-free in glob function when expanding user CVE-2020-1752 glib...

MiracleLinux 8 : libtar-1.2.20-17.el8 (AXSA:2023-5561:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5561:01 advisory. libtar: out-of-bounds read in gnulonglink CVE-2021-33643 libtar: out-of-bounds read in gnulongname CVE-2021-33644 libtar: memory leak found in threa...