urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

CLSA-2026-1769424492 gpsd-minimal: Fix of 2 CVEs

CVE-2025-67268: fix heap-based buffer overrun in NMEA2000 GNSS satellite handling - CVE-2025-67269: fix integer underflow in NAVCOM packet parsing to prevent excessive payload length and CPU-exhaustion...

CVE-2026-23005

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

SUSE SLES15 Security Update : kernel-firmware (SUSE-SU-2026:0216-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0216-1 advisory. - Update AMD CPU ucode to 20251203 bsc1256483 Tenable has extracted the preceding description block directly from the SUSE security advisory...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the AccessTokenScopeCheck function. An attacker can obtain unauthorized access tokens with arbitrary scopes by supplying a specially crafted targetNF value. Remediation Upgrade...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nftchainvalidate function potentially entering a recursive loop, which may lead to a CPU soft...

openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...

SUSE-SU-2026:0246-1 Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.91 fixes various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. - CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.91 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50409: net: If sock is dead don't access sock's skwq in...

SUSE-SU-2026:0216-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - Update AMD CPU ucode to 20251203 bsc1256483...

[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-4.fc42

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

SUSE SLES15 Security Update : kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0185-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0185-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: ...

SUSE SLES15 Security Update : kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0168-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0168-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: ...

SUSE SLES15 Security Update : kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:0173-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0173-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.88 fixes various security issues The following security issues were fixed: -...

Azure Linux 3.0 Security Update: kernel (CVE-2024-36965)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36965 advisory. - In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buff...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37854)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37854 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mode1 reset crash issue ...

Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.275 fixes various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1254451. CVE-2022-50367: fs: fix UAF/GPF bug in nilfsmdtdestroy bsc1250280...

SUSE SLES15 Security Update : kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0163-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0163-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.150 fixes various security issues The following security issues were fixed: ...

ROS-20260121-73-0037

A vulnerability in the x86/mm component of the Linux operating system kernel is related to a flaw in the data security mechanism. Exploitation of the vulnerability could allow an attacker to cause a denial of service...