Linux Distros Unpatched Vulnerability : CVE-2026-31415

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: avoid overflows in ip6datagramsendctl Yiming Qian reported : I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path...

PT-2026-31784

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server server.py reads the entire HTTP request body into memory based on the client-supplied Content-Length header with no upper bound. Combined with authentication being disabled by default no token...

CVE-2026-20415

In imgsys, there is a possible memory corruption due to improper locking. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10363254; Issue ID: MSV-5617...

SUSE CVE-2025-28162

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various locations, eventually leading to high memory usage and causing the program to become unresponsive...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000740 advisory. The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to trigger use of...

CVE-2025-48534

In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation...

Linux Distros Unpatched Vulnerability : CVE-2018-1000532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit...

PUB-A-384814655

In the function processcryptocmd, the values of ptrsi can be potentially equal to NULL which is valid value after calling slicemaparray. Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure...

pam security update

1.5.1-21.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-21 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880 1.5.1-20 - libpam: support...

SUSE CVE-2024-28567

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the FreeImageCreateICCProfile function when reading images in TIFF format...

CVE-2024-5680

CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL call in the Foxboro.sys driver...

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service DoS and under specific conditions can lead to elevation of privileges...

CVE-2024-36473

Affected software/versions: Trend Micro VPN Proxy One Pro, 5.8.1012 and below. What is vulnerable: an arbitrary file overwrite or create attack, leading to a local DoS and, under specific conditions, privilege elevation. Root cause / vector (as described): impact stems from the Vpn Background Con...

CVE-2024-36473

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service DoS and under specific conditions can lead to elevation of privileges...

Oracle Linux 8 : pam (ELSA-2024-3163)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3163 advisory. - pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365. Resolves: RHEL-21242 Tenable has extracted the preceding description...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6546 kernel: multiple use-after-free vulnerabilities CVE-2024-1086, CVE-2023-3567, CVE-2023-4133, CVE-2023-6932,...

Updated pam packages fix a security vulnerability

The updated packages fix a security vulnerability: pamnamespace: protectdir: use ODIRECTORY to prevent local DoS situations. CVE-2024-22365...

Mageia: Security Advisory (MGASA-2024-0030)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: avahi security update

An update for avahi is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Out-of-bounds

In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed...