346 matches found
Medium: libssh
Issue Overview: libssh: SCP Protocol Path Traversal in sshscppullrequest CVE-2026-0964 libssh: Specially crafted patterns could cause DoS CVE-2026-0967 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.10.20260325 or dnf update --advisory ALAS2023-2026-1472...
Medium: golang
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
Moderate: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Security update for util-linux
This update for util-linux fixes the following issues: CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for "login -h" bsc1258859. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Important: Red Hat Security Advisory: rhc security update
An update for rhc is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as follows - CVE-2026-3909 CVSS score: 8.8 - An out-of-bounds write vulnerability in the Skia 2D graphi...
openSUSE Security Advisory (SUSE-SU-2026:0856-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: python-pyasn1 security update
An update for python-pyasn1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
openSUSE Security Advisory (SUSE-SU-2026:0803-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: firefox
Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005661)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005661 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix BUGON condition in btrfscancelbalance Pausing and canceling balance can race to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005578)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005578 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211dostop Since 'devqueuexmit' should be...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005800)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005800 advisory. In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user...
SUSE-SU-2026:0803-1 Security update for util-linux
This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' bsc1258859...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005404)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005404 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: fix BUGON condition in btrfscancelbalance Pausing and canceling balance can race to...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005602)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005602 advisory. In the Linux kernel, the following vulnerability has been resolved: net: add vlangetprotocolanddepth helper Before blamed commit, pskbmaypull was used instead of...
Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005363)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005363 advisory. In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by...
Photon OS 5.0: Linux PHSA-2026-5.0-0770
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0770. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Important: Red Hat Security Advisory: munge security update
An update for munge is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
Important: cuda-compat
Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...