367374 matches found
PT-2026-52920
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARN ON ONCE" fixed a NULL pointer dereference in an unlikely situation partly. If dev pasid is not found ...
PT-2026-52946
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pinconf generic parse dt pinmux function where it assumes the pinmux property is not empty when present. If the pinmux property is empty, the allocator returns a...
PT-2026-52922
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookup amd iommu iommu device register walks every device on the PCI bus via bus for each dev and calls amd iommu probe device for each. The inlined check device path computes the device's sbdf,...
PT-2026-52941
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the eip93 hmac setkey function where it incorrectly uses the CRYPTO ALG ASYNC mask when allocating a temporary ahash transform. Because EIP93 hash algorithms are...
PT-2026-53018
Summary LinkifyIt.prototype.match — the package's primary public API — has ON² algorithmic complexity for inputs containing many fuzzy links or emails. This is not a regex backtrack bug; it's a structural issue in the JS-level scan loop that re-slices the input and re-runs unanchored regex search...
SUSE SLES15 Security Update : libarchive (SUSE-SU-2026:2599-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2599-1 advisory. This update for libarchive fixes the following issues - CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches...
Oracle Linux 8 : libpng (ELSA-2026-29898)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-29898 advisory. 2:1.6.37-11 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161344 Tenable has extracted the preceding description...
AlmaLinux 9 : libpng15 (ALSA-2026:28244)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:28244 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from th...
Oracle Linux 9 : opencryptoki (ELSA-2026-28256)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-28256 advisory. - Resolves: RHEL-171562, Fix CVE-2026-40253, possible out-of-bounds access in BER decode functions Tenable has extracted the preceding description block direct...
SUSE SLES15 : Recommended update for initial livepatch (SUSE-SU-2026:2591-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2591-1 advisory. This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later...
SUSE SLES15 Security Update : nodejs24 (SUSE-SU-2026:2633-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2633-1 advisory. This update for nodejs24 fixes the following issues Update to 24.17.0: - CVE-2026-2581: undici: Undici: Denial of Service due to...
SUSE SLES12 Security Update : graphite2 (SUSE-SU-2026:2474-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2474-1 advisory. This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733. Tenable has extracted the...
Fedora 43 : util-linux (2026-a7ff7017ee)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a7ff7017ee advisory. upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmoun...
SUSE SLES12 Security Update : libxslt (SUSE-SU-2026:2585-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2585-1 advisory. This update for libxslt fixes the following issue - CVE-2023-40403: Processing web content may disclose sensitive information bsc1238591. Tenable has...
SUSE SLES16 Security Update : graphite2 (SUSE-SU-2026:22191-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22191-1 advisory. This update for graphite2 fixes the following issue - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733. Tenable has...
Oracle Linux 9 : krb5 (ELSA-2026-19357)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19357 advisory. 1.21.1-10.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-10 - Fix NegoEx parsing vulnerabilities CVE-2026-40355, CVE-2026-40356...
SUSE SLES15 Security Update : terraform-provider-local, terraform-provider-null (SUSE-SU-2026:2484-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2484-1 advisory. This update for terraform-provider-local, terraform-provider-null fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infini...
Oracle Linux 9 : podman (ELSA-2026-26445)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26445 advisory. - Rebuild for CVE-2026-32283 - Rebuild for CVE-2026-25679 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
SUSE SLES16 Security Update : libcaca (SUSE-SU-2026:22175-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22175-1 advisory. This update for libcaca fixes the following issue - CVE-2026-42046: an integer overflow vulnerability in libcaca's canvas import...
SUSE SLES15 Security Update : kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2610-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2610-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: -...