Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001441)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001441 advisory. A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that functio...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414539 advisory. A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that functio...

CVE-2025-20313

Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...

CBL Mariner 2.0 Security Update: kernel (CVE-2021-4135)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4135 advisory. - A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver i...

SUSE CVE-2021-4135

A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsimmapallocelem being called. A local user could use this flaw to get unauthorized access to some data...

A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.

...

Ubuntu: Security Advisory (USN-5377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5377-1 linux-bluefield vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5368-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5368-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use thi...

USN-5368-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 It was discovered that the network traffic contro...

USN-5338-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, lnux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 releaseagent feature. A local attacker could use this to gain administrative privileges. CVE-2022-0492 Jürgen Groß discovered that the Xen subsystem within the...

USN-5337-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly restrict pointer types in certain situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-23222 Yiqi Sun and Kevin Wang discovered that the cgrou...

CVE-2021-43975

An out-of-bounds write flaw was found in the Linux kernel’s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this...

SSH Rate Limited Device

The remote host is a device that may rate limit connections, potentially causing intermittent authentication failures in other plugins. Local checks will be enabled in this plugin where possible. TRUSTED...

MikroTik RouterOS < 6.40.9 / 6.42.7 / 6.43 multiple vulnerabilities.

According to its self-reported version, the remote networking device is running a version of MikroTik prior to 6.40.9, 6.41.x 6.42.7, or 6.43. It, therefore, vulnerable to multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Prowler - Distributed Network Vulnerability Scanner

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon - HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...

Cisco IOS XE Software Cross-Site Scripting Vulnerability (CNVD-2018-07636)

Cisco IOS XE Software is an operating system developed by Cisco for its network devices. A cross-site scripting vulnerability exists in the Web UI of Cisco IOS XE Software, which arises from the program's failure to adequately perform input validation on parameters sent to the affected software v...

Design/Logic Flaw

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...

Multiple networking devices fail to set the "Secure" attribute of a cookie

Overview Multiple vendors' networking devices fail to set the "Secure" cookie attribute and could disclose sensitive information about a user's HTTP session. Description Many networking devices provide a built-in web server, which may support the HTTPS protocol. When a user logs into the device...