RHEL 7 / 8 / 9 : java-11-openjdk ELS (RHSA-2026:0847)

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0847 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This...

MiracleLinux 9 : webkit2gtk3-2.46.1-2.el9_4 (AXSA:2024-8945:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8945:04 advisory. webkitgtk: webkit2gtk: Use after free may lead to Remote Code Execution CVE-2024-40776 webkitgtk: webkit2gtk: Processing maliciously crafted web...

Metasploit Wrap-Up 01/16/2026

Persistence, dMSA Abuse & RCE Goodies This week, we have received a lot of contributions from the community, such as h00die, Chocapikk and countless others, which is greatly appreciated. This week’s modules and improvements in Metasploit Framework range from new modules, such as dMSA Abuse...

CVE-2024-44210

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...

CVE-2024-44210

This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data...

MiracleLinux 4 : pacemaker-1.1.10-14.AXS4.2 (AXSA:2014-039:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-039:01 advisory. Pacemaker is an advanced, scalable High-Availability cluster resource manager for Linux-HA Heartbeat and/or Corosync. It supports n-node clusters with...

MiracleLinux 4 : sudo-1.7.4p5-7.AXS4 (AXSA:2011-635:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2011-635:01 advisory. Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...

Security update for cheat (important)

openSUSE Security Update: Security update for cheat Announcement ID: openSUSE-SU-2025:0492-1 Rating: important References: 1247629 1253593 1253922 1254051 Cross-References: CVE-2023-48795 CVE-2025-21613 CVE-2025-21614 CVE-2025-22869 CVE-2025-22870 CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS...

SUSE SLES15 / openSUSE 15 Security Update : golang-github-prometheus-alertmanager (SUSE-SU-2025:4481-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4481-1 advisory. - Update to version 0.28.1 jscPED-13285: Improved performance of inhibition rules when using Equal labels. Improve the documentation on...

OPENSUSE-SU-2025:20177-1 Security update for cheat

This update for cheat fixes the following issues: - Security: CVE-2025-47913: Fix client process termination bsc1253593 CVE-2025-58181: Fix potential unbounded memory consumption bsc1253922 CVE-2025-47914: Fix panic due to an out of bounds read bsc1254051 Replace...

CVE-2025-46283

A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may be able to access sensitive user data...

SUSE SLES16 Security Update : keylime (SUSE-SU-2025:21194-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21194-1 advisory. Update to version 7.13.0+40. Security issues fixed: - CVE-2025-13609: possible agent identity takeover due to registrar allowing t...

Security update for keylime (critical)

openSUSE security update: security update for keylime ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20159-1 Rating: critical References: bsc1237153 bsc1254199 Cross-References: CVE-2025-1057 CVE-2025-13609 CVSS scores: CVE-2025-13609 SUSE : 9...

CVE-2025-43511

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43509

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access sensitive user data...

CVE-2025-43466

CVE-2025-43466 concerns an injection issue in macOS Tahoe that was addressed by improved input validation. The Apple security content for macOS Tahoe 26.1 states the fix and notes that an app may be able to access sensitive user data. The CVE entry is tied to macOS Tahoe 26.1, with the issue desc...

CLSA-2025-1765287210 tracker-miners: Fix of CVE-2023-5557

CVE-2023-5557: fix seccomp rules, backport fix for CVE-2023-5557 added improvements from upstream regards seccomp...

December 9, 2025—Hotpatch KB5071413 (OS Build 20348.4467)

December 9, 2025—Hotpatch KB5071413 OS Build 20348.4467 This Hotpatch update for Windows Server 2022 KB5071413, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview updates, out-of-band OOB updates, and...

November 11, 2025—Hotpatch KB5068840 (OS Build 20348.4346)

November 11, 2025—Hotpatch KB5068840 OS Build 20348.4346 To learn more about differences between security updates, optional non-security preview updates, out-of-band OOB updates, and continuous innovation, see Windows monthly updates explained. For information on Windows update terminology, see t...

Oracle Linux 10 : expat (ELSA-2025-21030)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21030 advisory. - Fix CVE-2025-59375 - backport allocation tracking improvements Tenable has extracted the preceding description block directly from the Oracle Linux security...