CVE-2025-32915 Sensitive data exposed during automatic agent updates

Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and = 2.1.0p49 EOL. This allows a local attacker to read sensitive data...

CVE-2012-2859

Google Chrome before 21.0.1180.57 on Linux does not properly handle tabs, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...

Oracle Linux 9 : gstreamer1, / gstreamer1-plugins-bad-free, / gstreamer1-plugins-ugly-free, / and / gstreamer1-rtsp-server (ELSA-2025-7178)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7178 advisory. gstreamer1 1.22.12-3 - Rebuild - Resolves: RHEL-38511, RHEL-41157 1.22.12-2 - Rebuild - Resolves: RHEL-38511, RHEL-41157 1.22.12-1 - Update to 1.22.12...

Oracle Linux 9 : vim (ELSA-2025-7440)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7440 advisory. 8.2.2637-22.0.1 - Remove upstream references Orabug: 31197557 2:8.2.2637-22 - RHEL-2159 vim: Heap Use After Free in function inscomplgetexp in vim/vim Tenable h...

CVE-2007-4936

Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has unknown impact and attack vectors, related to a "serious security flaw," possibly specific to Linux...

CVE-2008-0732

The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories...

CVE-1999-0245

Some configurations of NIS+ in Linux allowed attackers to log in as the user "+"...

USN-7510-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

USN-7510-4 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

DEBIAN-CVE-2025-37942

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on many devices but casued oops on VRS DirectForce PRO. Here, we're...

Mageia: Security Advisory (MGASA-2025-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()

A flaw was found in the remapfilepages function in mm/mmap.c in the Linux kernel, where it does not properly restrict execute access. This vulnerability allows local users to bypass intended SELinux W^X policy restrictions...

Eclipse Jetty DoS Vulnerability (GHSA-889j-63jv-qhr8) - Linux

Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

Alibaba Cloud Linux 3 : 0042: gupnp (ALINUX3-SA-2021:0042)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0042 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33516: An issue was discovered in GUPnP...

Alibaba Cloud Linux 3 : 0108: GNOME (ALINUX3-SA-2022:0108)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0108 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-20337: There is a stack-based...

Mageia: Security Advisory (MGASA-2025-0155)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202505-02 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202505-02 Mozilla Firefox: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description...

Mageia: Security Advisory (MGASA-2025-0151)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

perl security update

An update is available for perl. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Perl is a high-level programming language that is commonly used for system...

tcpdump security update

An update is available for tcpdump. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tcpdump packages contain the tcpdump utility for monitoring network...