Azure Linux 3.0 Security Update: ant / javapackages-bootstrap (CVE-2021-36373)

The version of ant / javapackages-bootstrap installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-36373 advisory. - When reading a specially crafted TAR archive an Apache Ant build can be made to alloca...

[SECURITY] [DLA 4076-1] linux-6.1 security update

Debian LTS Advisory DLA-4076-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings March 01, 2025 https://wiki.debian.org/LTS Package : linux-6.1 Version : 6.1.6.1.128-1deb11u1 CVE ID : CVE-2022-49034 CVE-2023-52916 CVE-2023-52926 CVE-2024-26595 CVE-2024-27407...

DLA-4075-1 linux - security update

Bulletin has no description...

SUSE SLED15: libX11-6 / libX11-6-32bit / libX11-data / libX11-devel / etc (SUSE-SU-2025:0739-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0739-1 advisory. - CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in...

Azure Linux 3.0 Security Update: expat / python3 (CVE-2024-28757)

The version of expat / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28757 advisory. - libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external...

CVE-2022-49470

CVE-2022-49470 concerns the Linux kernel Bluetooth subsystem, specifically the btmtksdio driver. The provided sources confirm a concrete issue: use-after-free involving the skb/data in btmtksdio_recv_event after hci_recv_frame is called, leading to a KASAN report. The impact is high (CVE score 7....

CVE-2022-49088

CVE-2022-49088 affects the Linux kernel: a refcount leak in dpaa2_ptp_probe where the of_find_compatible_node() result is returned with an incremented refcount. The fix is to call of_node_put() to release the reference and avoid the leak. References point to kernel patches that implement this cor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an error code returned by the LSM module when handling the mount option leading to caller confusion and...

Slackware: Security Advisory (SSA:2025-056-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2025:0690-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: binutils (CVE-2025-1181)

The version of binutils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1181 advisory. - A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the...

Azure Linux 3.0 Security Update: cloud-hypervisor-cvm / openssl (CVE-2024-12797)

The version of cloud-hypervisor-cvm / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12797 advisory. - Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server M...

Azure Linux 3.0 Security Update: netplan (CVE-2022-4968)

The version of netplan installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4968 advisory. - netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected. CVE-2022-496...

[SECURITY] Fedora 40 Update: openssh-9.6p1-2.fc40

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Debian: Security Advisory (DLA-4062-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: avahi (CVE-2024-52616)

The version of avahi installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-52616 advisory. - A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup,...

Azure Linux 3.0 Security Update: postgresql (CVE-2025-1094)

The version of postgresql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1094 advisory. - Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral,...

Azure Linux 3.0 Security Update: lua / memcached / ntopng (CVE-2021-43519)

The version of lua / memcached / ntopng installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43519 advisory. - Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to...

SUSE SLES15: grub2 / grub2-arm64-efi / grub2-i386-pc / grub2-powerpc-ieee1275 / etc (SUSE-SU-2025:0588-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0588-1 advisory. - CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 - CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 ...

Oracle Linux 9 : doxygen (ELSA-2025-1329)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1329 advisory. 1:1.9.1-12 - Resolves: RHEL-78146, CVE-2020-11023, CVE-2020-11022 Tenable has extracted the preceding description block directly from the Oracle Linux security...