Unity Linux 20.1060e / 20.1070e Security Update: cifs-utils (UTSA-2026-016660)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016660 advisory. A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host...

[SECURITY] [DSA 6246-1] openjdk-25 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6246-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2026 https://www.debian.org/security/faq -...

Medium: cifs-utils

Issue Overview: A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentia...

Amazon Linux 2023 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2023-2026-1597)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1597 advisory. A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. Thi...

[SECURITY] [DSA 6231-1] openjdk-21 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6231-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 27, 2026 https://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: OpenJDK 8u492 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

Cleartext Transmission of Sensitive Information

Overview org.graalvm.sdk:graal-sdk is a high-performance JDK distribution designed to accelerate the execution of applications written in Java and other JVM languages along with support for JavaScript, Ruby, Python, and a number of other popular languages. Affected versions of this package are...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.232.b09-1.AXS4 (AXSA:2019-4356:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4356:04 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...

EUVD-2021-7651

Malicious code in bioql PyPI...

EUVD-2025-15114

Malicious code in bioql PyPI...

CVE-2025-8904

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...

CVE-2025-8904

The CVE-2025-8904 issue involves Amazon EMR Secret Agent storing Kerberos credentials in a keytab file under /tmp, which could be accessed by other users and lead to privilege escalation. Affected software: Amazon EMR Secret Agent component. Root cause: keytab with Kerberos credentials is written...

freeIPA: idm: Privilege escalation from host to domain admin in FreeIPA

A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the krbCanonicalName for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a...

USN-7536-2: cifs-utils regression

USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...

USN-7536-2 cifs-utils regression

USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos...

USN-7536-1: cifs-utils vulnerability

It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information...

USN-7536-1 cifs-utils vulnerability

It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly use this issue to obtain sensitive information...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : cifs-utils vulnerability (USN-7536-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7536-1 advisory. It was discovered that cifs-utils incorrectly handled namespaces when obtaining Kerberos credentials. An attacker could possibly u...

openSUSE Security Advisory (SUSE-SU-2025:1381-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...