Ubuntu: Security Advisory (USN-8166-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 24.04 LTS / 25.10 : RetroArch vulnerability (USN-8166-1)

The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8166-1 advisory. It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system...

USN-8166-1 retroarch vulnerability

It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary...

USN-8166-1: RetroArch vulnerability

It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary...

Fedora 44 : retroarch (2026-5e8ffdd3b9)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e8ffdd3b9 advisory. Automatic update for retroarch-1.22.0-20.fc44. Changelog Mon Jan 26 2026 Artem Polishchuk - 1.22.0-20 - Disable 7zip support due CVE - rhbz2432835 Tenable ha...

CVE-2021-28927

The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platformwin32.c via the accessibilityspeakwindows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection...

[SECURITY] Fedora 42 Update: retroarch-1.22.0-1.fc42

libretro is an API that exposes generic audio/video/input callbacks. A fronte nd for libretro such as RetroArch handles video output, audio output, input and application lifecycle. A libretro core written in portable C or C++ can run seamlessly on many platforms with very little to no porting...

[SECURITY] Fedora 43 Update: retroarch-1.22.0-1.fc43

libretro is an API that exposes generic audio/video/input callbacks. A fronte nd for libretro such as RetroArch handles video output, audio output, input and application lifecycle. A libretro core written in portable C or C++ can run seamlessly on many platforms with very little to no porting...

Fedora 43 : retroarch (2025-6e0627440a)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6e0627440a advisory. Update to 1.22.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 42 : retroarch (2025-dda924d757)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-dda924d757 advisory. Update to 1.22.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

EUVD-2021-15579

Malware in sbrugna...

EUVD-2025-1687

Malicious code in bioql PyPI...

EUVD-2025-25164

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-9136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c...

SUSE CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

CVE-2025-9136

A flaw was found in RetroArch. This vulnerability allows a local attacker to trigger an out-of-bounds read via a crafted input to the filestreamvscanf function in the libretro-common/streams/filestream.c file due to a missing initialization, resulting in a denial of service...

DEBIAN-CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

UBUNTU-CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

CVE-2025-9136

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...

CVE-2025-9136 libretro RetroArch file_stream.c filestream_vscanf out-of-bounds

A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...