108 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004380)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004380 advisory. A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstance...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004156)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004156 advisory. A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstance...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002647 advisory. The preparevmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 control...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003193)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003193 advisory. The preparevmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 control...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46707)
KVM: arm64: Make ICCSGIEL1 undef in the absence of a vGICv3 On a system with a GICv3, if a guest hasn't been configured with GICv3 and that the host is not capable of GICv2 emulation, a write to any of the ICCSGIEL1 registers is trapped to EL2. This plugin only works with Tenable.ot. Please visit...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libarchive (UTSA-2025-986114)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986114 advisory. listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact...
Security update for tiff
This update for tiff fixes the following issues: CVE-2025-9165: local execution manipulation leading to memory leak bsc1248330. CVE-2024-13978: null pointer dereference in component fax2ps bsc1247581 CVE-2025-8534: null pointer dereference in function PSLvl2page bsc1247582. CVE-2025-8961:...
SUSE-SU-2025:03348-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2025-9165: local execution manipulation leading to memory leak bsc1248330. - CVE-2024-13978: null pointer dereference in component fax2ps bsc1247581 - CVE-2025-8534: null pointer dereference in function PSLvl2page bsc1247582. - CVE-2025-8961:...
SUSE-SU-2025:03346-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2025-9165: local execution manipulation leading to memory leak bsc1248330. - CVE-2025-8534: null pointer dereference in function PSLvl2page bsc1247582. - CVE-2025-8961: segmentation fault via main function of tiffcrop utility bsc1248117...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
CVE-2023-53208 KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state When emulating nested VM-Exit, load L1's TSC multiplier if L1's desired ratio doesn't match the current ratio, not if the ratio L1 is using for L2 diverges from...
Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity
Google on Tuesday announced that its new Google Pixel 10 phones support the Coalition for Content Provenance and Authenticity C2PA standard out of the box to verify the origin and history of digital content. To that end, support for C2PA's Content Credentials has been added to Pixel Camera and...
Linux Distros Unpatched Vulnerability : CVE-2011-0115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated...
libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference
...
OESA-2025-2049 libtiff security update
This provides support for the Tag Image File Format TIFF, a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats.And contains command-line programs for manipulating TIFF format image files using the libtiff...
Linux Distros Unpatched Vulnerability : CVE-2020-2732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some...
Linux Distros Unpatched Vulnerability : CVE-2024-36965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read fro...
LibTIFF 安全漏洞
LibTIFF is a LibTIFF open source library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. LibTIFF version 4.6.0 has a security vulnerability that stems from a null pointer dereference in the function PSLvl2page ...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via iPSLvl2page while converting the image to PostScript Level 2 output. An attacker can cause denial of service by providing a specially crafted TIFF file. Note: This is only exploitable if DEFERSTRILELOAD...
SUSE-SU-2025:02428-1 Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059174 fixes several issues. The following security issues were fixed: - CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. - CVE-2022-49465: blk-throttle: Set BIOTHROTTLED when bio has been throttled bsc1238920. - CVE-2024-53214:...