ROS-20260120-7330
A vulnerability in the usb_find_common_endpoints function of the USB driver drivers/usb/atm/cxacru.c of the Linux kernel is related to insufficient input validation during endpoint processing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
MiracleLinux 8 : squid:4 (AXSA:2021-2820:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2820:01 advisory. squid: denial of service in URN processing (CVE-2021-28651) squid: denial of service issue in Cache Manager (CVE-2021-28652) squid: denial of service in...
MiracleLinux 7 : java-11-openjdk-11.0.14.0.9-1.el7 (AXSA:2022-3015:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3015:03 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) OpenJDK: Incorrect reading of TIFF...
MiracleLinux 9 : edk2-20230524-4.el9 (AXSA:2023-6904:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6904:04 advisory. edk2: Function GetEfiGlobalVariable2 return value not checked in DxeImageVerificationHandler (CVE-2019-14560) openssl: Possible DoS translating ASN.1...
SUSE-SU-2026:0166-1 Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.147 fixes various security issues. The following security issues were fixed: - CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 (bsc#1249242). - CVE-2022-50327: ACPI: processor: idle:...
SUSE-SU-2026:0163-1 Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.150 fixes various security issues. The following security issues were fixed: - CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 (bsc#1249242). - CVE-2022-50327: ACPI: processor: idle:...
USN-7967-1: Avahi vulnerabilities
It was discovered that Avahi incorrectly terminated when processing browser records with wide-area disabled. An attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. (CVE-2025-68276) It was discovered that Avahi incorrectly terminated when processing...
Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing
...
MiracleLinux 8 : exiv2-0.27.2-5.el8, gegl-0.2.0-39.el8, gnome-color-manager-3.28.0-3.el8, libgexiv2-0.10.8-4.el8 (AXSA:2020-556:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-556:01 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS (CVE-2019-20421) exiv2: null pointer dereference in the...
MiracleLinux 7 : squid-3.5.20-15.el7 (AXSA:2020-4563:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4563:01 advisory. squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service (CVE-2018-1000024) squid: Incorrect pointer handling in...
MiracleLinux 8 : libxml2-2.9.7-9.el8.2 (AXSA:2021-2193:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2193:02 advisory. libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c (CVE-2021-3516) libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the LoadFontData function. An attacker can cause memory corruption or unexpected behavior by providing crafted input that triggers an integer overflow during font data processing. This is only...
PT-2026-3528
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-13 and 6.9.13-38. Description: ImageMagick is a free and open-source software used for editing and manipulating digital images. A heap buffer overflow vulnerability exists in the XBM image decoder ReadXBMImage...
EUVD-2026-3128
A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may b...
CVE-2025-14822
Mattermost versions 10.11.x <= 10.11.8 fail to validate input size before processing hashtags, which allows an authenticated attacker to exhaust CPU resources via a single HTTP request containing a post with thousands of space-separated tokens...
Libsoup: out-of-bounds read in libsoup websocket frame processing
...
CVE-2025-14234
Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02 and...
CVE-2025-14232
Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06.02...
Open5GS security vulnerabilities
Open5GS is an open-source implementation of 5G Core and EPC in the C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.5 and earlier contain security vulnerabilities. These vulnerabilities stem from unknown handling by the timer processing program, which may lead...
CVE-2026-21920
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX Series device configured for DNS processing receives a specifically formatted DNS request, flowd will...