200 matches found
MiracleLinux 9 : gvisor-tap-vsock-0.7.3-5.el9_4.ML.1 (AXSA:2024-8751:04)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8751:04 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 Tenable has extracted the preceding description block...
MiracleLinux 9 : gvisor-tap-vsock-0.7.3-3.el9_4.ML.1 (AXSA:2024-8444:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8444:02 advisory. golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 CVE-2023-45290 When parsing a multipart form either explicitly with...
MiracleLinux 9 : gvisor-tap-vsock-0.7.3-4.el9_4.ML.1 (AXSA:2024-8546:03)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8546:03 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Tenable has extracted the preceding description block directly...
MiracleLinux 9 : gvisor-tap-vsock-0.8.5-1.el9_5 (AXSA:2025-9855:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9855:01 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description bloc...
MiracleLinux 9 : gvisor-tap-vsock-0.8.5-2.el9_6 (AXSA:2025-10539:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10539:04 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
MiracleLinux 9 : gvisor-tap-vsock-0.8.5-1.el9_6 (AXSA:2025-10485:03)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10485:03 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description blo...
TencentOS Server 4: gvisor-tap-vsock (TSSA-2025:0380)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0380 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: gvisor (TSSA-2025:0330)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0330 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Pack-A-Mal: A Malware Analysis Framework for Open-Source Packages
The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly useful but are often incapable of dealing with obfuscated...
RockyLinux 10 : gvisor-tap-vsock (RLSA-2025:7484)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7484 advisory. golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh CVE-2025-22869 Tenable has extracted the preceding description block...
AlmaLinux 10 : gvisor-tap-vsock (ALSA-2025:9151)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9151 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fr...
EUVD-2018-8205
Malware in sbrugna...
EUVD-2018-12736
Malware in sbrugna...
EUVD-2018-11031
Malware in sbrugna...
RLSA-2025:9150 Moderate: gvisor-tap-vsock security update
A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in...
gvisor-tap-vsock security update
An update is available for gvisor-tap-vsock. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A replacement for libslirp and VPNKit, written in pure Go. It is bas...
RockyLinux 9 : gvisor-tap-vsock (RLSA-2025:9150)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9150 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fr...
RockyLinux 10 : gvisor-tap-vsock (RLSA-2025:9151)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9151 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly...
EUVD-2024-33023
Malicious code in bioql PyPI...
EUVD-2025-8644
Malicious code in bioql PyPI...