4991 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000672)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000672 advisory. Integer overflow in the pinginitsock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service use-after-free an...
MiracleLinux 4 : libvirt-0.10.2-29.5.0.1.AXS4 (AXSA:2014-076:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-076:01 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003740)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003740 advisory. An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in aaauditruleinit in security/apparmor/audit.c. Tenable...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003858)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003858 advisory. The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250core.c:serial8250isainitports that allows local users ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004142)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004142 advisory. An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aalabelparse fails in aaauditruleinit in security/apparmor/audit.c. Tenable...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004422)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004422 advisory. In the Linux kernel before 5.1.6, there is a use-after-free in serialirinitmodule in drivers/media/rc/serialir.c. Tenable has extracted the preceding description blo...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002943)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002943 advisory. The digiportinit function in drivers/usb/serial/digiacceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002366)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002366 advisory. Integer overflow in the pinginitsock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service use-after-free an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002810)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002810 advisory. The ext4fillsuper function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002508)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002508 advisory. The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privilege...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003138)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003138 advisory. The cryptoskcipherinittfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows loca...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002161)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002161 advisory. Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001916)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001916 advisory. The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003556)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003556 advisory. The blkcginitqueue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service double free or possibly have...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...
CVE-2025-14173
The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...
CVE-2025-14173 Perfit WooCommerce <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Plugin Settings Deletion
The Perfit WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. This is due to missing authorization checks on the logout function called via the actions function hooked to admininit. This makes it possible for unauthenticated...
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()
A use-after-free vulnerability was found in the Ceph client session initialization in the Linux kernel. The havemonandosdmap function checks map epochs without holding the appropriate locks, racing with concurrent map updates that free the old map. This can result in dereferencing freed memory...