189 matches found
CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
MAL-2026-3330 Malicious code in seek-pass (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df5ea10e9459dff09eeff2b45d93b1ffa2458c8b38b7625850b5f2564e3d000f The package seek-pass was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in seek-pass (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df5ea10e9459dff09eeff2b45d93b1ffa2458c8b38b7625850b5f2564e3d000f The package seek-pass was found to contain malicious code. Source: ossf-package-analysis...
Astra Linux - уязвимость в libarchive
A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, allowin...
EulerOS Virtualization 2.10.0 : libarchive (EulerOS-SA-2026-1176)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling...
MiracleLinux 7 : libarchive-3.1.2-14.0.1.el7.AXS7 (AXSA:2025-10515:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10515:01 advisory. CVE-2025-5914: fix double free with over 4 billion nodes CVEs: CVE-2025-5914 A vulnerability has been identified in the libarchive library, specifically...
EulerOS Virtualization 2.13.1 : libarchive (EulerOS-SA-2025-2548)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdta...
JLSEC-2025-245 A vulnerability has been identified in the libarchive library, specifically within the archive_read_...
A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...
TencentOS Server 2: libarchive (TSSA-2025:0784)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0784 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
EUVD-2014-0201
Malware in sbrugna...
EUVD-2020-3430
Malware in sbrugna...
EUVD-2020-3436
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libarchive (UTSA-2025-986117)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986117 advisory. A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libarchive (UTSA-2025-986102)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986102 advisory. A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involves an integer overflow...
RockyLinux 9 : libarchive (RLSA-2025:14130)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:14130 advisory. libarchive: Double free at archivereadformatrarseekdata in archivereadsupportformatrar.c CVE-2025-5914 Tenable has extracted the preceding description block...
OESA-2025-2248 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2025-2245 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.1, released 2025-09-03 bsc1244485. Security issues fixed: CVE-2025-47910: net/http: CrossOriginProtection insecure bypass patterns not limited to exact matches bsc1249141. Other issues fixed: go74822 cmd/go: "get toolchain@latest...
Linux Distros Unpatched Vulnerability : CVE-2020-6619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb stbtruetype.h through 1.22 has an assertion failure in stbttbufseek. CVE-2020-6619 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2024-33259
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component scannerseek at jerry-core/parser/js/js-scanner-util.c...