129 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-50262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a...
Linux Distros Unpatched Vulnerability : CVE-2026-42779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: Apache MINA's AbstractIoBuffer.resolveClass...
CVE-2026-41688
Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname but passes the original hostname to cURL without CURLOPT_RESOLVE pinning on 10 of 11 outbound HTTP endpoints, leaving a DNS...
Linux Distros Unpatched Vulnerability : CVE-2023-2455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific...
Linux Distros Unpatched Vulnerability : CVE-2022-49810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfs: Fix missing xas_retry() calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarray whilst being under the RCU rea...
Linux Distros Unpatched Vulnerability : CVE-2024-44942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at...
Fedora 37 : squid (2022-102c59d287)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-102c59d287 advisory. - version update to 5.7. - security fixes CVE-2022-41317 Tenable has extracted the preceding description block directly from the Fedora security...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0011)
The remote OracleVM system is missing necessary patches to address security updates: 4.1.12-124.89.4- isdn: mISDN: netjet: Fix crash in nj_probe: Zheyu Ma Orabug: 36940405 CVE-2021-47284- tracing: Restructure trace_clock_global() to never block Steven Rostedt VMware Orabug: 36940388 CVE-2021-46939- ud...
OracleVM 3.4 : kernel-uek (OVMSA-2024-0003)
The remote OracleVM system is missing necessary patches to address security updates: - An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code...
OracleVM 3.4 : kernel-uek (OVMSA-2023-0016)
The remote OracleVM system is missing necessary patches to address security updates: - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in ...
Oracle Solaris Critical Patch Update : jul2023_SRU11_4_59_144_2
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Apache Tomcat. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability...
OracleVM 3.4 : kernel-uek (OVMSA-2023-0004)
The remote OracleVM system is missing necessary patches to address security updates: - An out-of-bounds memory access flaw was found in the Linux kernel Intel's iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. Th...
OracleVM 3.4 : kernel-uek (OVMSA-2023-0001)
The remote OracleVM system is missing necessary patches to address security updates: - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IR...
Implement Risk-Based Vulnerability Management with Qualys TruRisk™: Part 3
In this final blog of the series, we will discuss the importance of implementing effective risk-based remediation strategies to reduce the risk of vulnerabilities being exploited in your environment. In the earlier blogs, we covered how to operationalize Qualys TruRisk and to effectively visualiz...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0032)
The remote OracleVM system is missing necessary patches to address security updates: - A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0026)
The remote OracleVM system is missing necessary patches to address security updates: - The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other...
OracleVM 3.4 : kernel-uek (OVMSA-2022-0019)
The remote OracleVM system is missing necessary patches to address security updates: - Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker...
CVE-2020-36549
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2020-36549
CVE-2020-36549 affects GE Voluson S8 running on Windows XP. The documented issue is a privilege-management–related vulnerability that requires local network access and may allow a total impact on confidentiality, integrity, and availability. Several sources note missing patches may increase the a...
OracleVM 3.4 : xen (OVMSA-2022-0012)
The remote OracleVM system is missing necessary patches to address security updates: - Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dir...