MiracleLinux 8 : gnupg2-2.2.20-2.el8 (AXSA:2021-1082:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1082:01 advisory. GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS CVE-2019-13050 Tenable has...

MiracleLinux 7 : gcc-4.8.5-28.el7 (AXSA:2018-2900:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2900:03 advisory. gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics CVE-2017-11671 Tenable has extracted the preceding description block directly from the...

GNU C Library security vulnerabilities

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions 2.0 through 2.42 of the GNU C Library contained security vulnerabilities; these vulnerabilities stemmed from the possibility of returning uninitialized memory when...

MiracleLinux 7 : glibc-2.17-326.3.0.1.el7.AXS7 (AXSA:2024-8594:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8594:08 advisory. CVE-2021-3999: getcwd - Set errno to ERANGE for size == 1 CVE-2021-35942: wordexp - handle overflow in positional parameter number CVE-2022-23218:...

PT-2026-3756

Name of the Vulnerable Software and Affected Versions GNU Inetutils versions 1.9.3 through 2.7 Description GNU Inetutils telnetd is vulnerable to a remote authentication bypass. An attacker can exploit this flaw by manipulating the USER environment variable, specifically by setting it to "-f root...

MiracleLinux 9 : skopeo-1.20.0-2.el9_7 (AXSA:2025-11601:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11601:05 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : glibc-2.17-326.el7.3 (AXSA:2024-8129:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8129:05 advisory. glibc: Out of bounds write in iconv may lead to remote code execution CVE-2024-2961 glibc: stack-based buffer overflow in netgroup cache...

MiracleLinux 4 : gnupg2-2.0.14-6.AXS4 (AXSA:2014-005:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-005:01 advisory. GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanc...

RLSA-2026:0697 Important: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973 For more details about...

gnupg2 security update

An update is available for gnupg2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating...

RLSA-2026:0728 Important: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973 For more details about...

gnupg2 security update

An update is available for gnupg2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating...

RockyLinux 10 : gnupg2 (RLSA-2026:0697)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0697 advisory. GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973 Tenable has extracted the preceding descriptio...

K000159077: GNU Tar vulnerability CVE-2019-9923

Security Advisory Description paxdecodeheader in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers. CVE-2019-9923 There is no impact; F5 products are not affected by this vulnerability. Note : F5 previously reported...

OESA-2026-1096 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.35...

OESA-2026-1095 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.35...

OESA-2026-1091 tar security update

GNU Tar provides the ability to create tar archives, as well as various other kinds of manipulation. For example, you can use Tar on previously created archives to extract files, to store additional files, or to update or list files which were already stored. Security Fixes: GNU Tar through 1.35...

OESA-2026-1072 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: In GnuP...

CVE-2026-0915

A flaw was found in glibc, the GNU C Library. When an application calls the getnetbyaddr or getnetbyaddrr functions to resolve a network address, and the system's nsswitch.conf file is configured to use a DNS Domain Name System backend for network lookups, a query for a zero-valued network can le...

EUVD-2026-2855

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...