AZL-74988 CVE-2025-55130 affecting package nodejs for versions less than 20.14.0-13

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

MiracleLinux 9 : dpdk-21.11.2-1.el9 (AXSA:2023-5000:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5000:03 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 DPDK: out-of-bounds read/write in...

OESA-2026-1111 libpcap security update

This is the official web site of tcpdump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. Security Fixes: pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000890)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000890 advisory. The 1 piperead and 2 pipewrite implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed copytouserinatomic an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001340 advisory. An issue was discovered in Linux: KVM through Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still...

Oracle Linux 8 : openssl (ELSA-2026-50008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50008 advisory. - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 Tenable has extracted the preceding description...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004217)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004217 advisory. In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsemdownwriteslowpath use-after-free because in rwsemcanspinonowner in...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

runc: container escape via 'masked path' abuse due to mount race conditions

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003342 advisory. Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003142 advisory. Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can...

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2026-1055)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and writ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002647 advisory. The preparevmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the CR8-load exiting and CR8-store exiting L0 vmcs02 control...

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

Posted by Seth Jenkins With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is...

MiracleLinux 3 : systemtap-1.6-7.AXS3 (AXSA:2012-344:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-344:01 advisory. SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system...

CVE-2025-71065 f2fs: fix to avoid potential deadlock

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock As Jiaming Zhang and syzbot reported, there is potential deadlock in f2fs as below: Chain exists of: &sbi-cprwsem -- fsreclaim -- sbinternal2 Possible unsafe locking scenario: CPU0 CPU1 ----...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...