CVE-2026-21918

CVE-2026-21918 describes a Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series. The issue allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) by sending a specific sequence of TCP packets during session...

CVE-2026-21918 Junos OS: SRX and MX Series: When TCP packets occur in a specific sequence flowd crashes

A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX and MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On all SRX and MX Series platforms, when during TCP session establishment a specific sequence of...

SUSE CVE-2025-68799

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002896 advisory. Race condition in the queuedelete function in sound/core/seq/seqqueue.c in the Linux kernel before 4.4.1 allows local users to cause a denial of service use-after-fr...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003033)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003033 advisory. An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002715)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002715 advisory. A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002322 advisory. The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003500)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003500 advisory. The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002484 advisory. The netgetrandomonce implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003243)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003243 advisory. An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can...

PT-2026-3130

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S7 Juniper Networks Junos OS versions 23.2 before 23.2R2-S3 Juniper Networks Junos OS versions 23.4 before 23.4R2-S4 Juniper Networks Junos OS versions 24.2 before 24.2R2 Description A Double...

CVE-2025-68799

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

UBUNTU-CVE-2025-71131

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

CVE-2025-71131 crypto: seqiv - Do not use req->iv after crypto_aead_encrypt

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req-iv after cryptoaeadencrypt As soon as cryptoaeadencrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req-iv after it returns is invalid. Instead o...

SUSE-SU-2026:20084-1 Security update for tomcat

This update for tomcat fixes the following issues: - Update to Tomcat 9.0.111 - Security fixes: - CVE-2025-55752: directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753. - CVE-2025-55754: improper neutralization of Escape, Meta, or Control Sequences vulnerability in Apache...

EUVD-2026-2635

EUVD-2026-2635...

MiracleLinux 3 : xterm-215-5AXS3.2 (AXSA:2009-04:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-04:01 advisory. The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the...

MiracleLinux 4 : libtasn1-2.3-3.AXS4.1 (AXSA:2012-480:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-480:01 advisory. This is the ASN.1 library used in GNUTLS. More up to date information can be found at http://www.gnu.org/software/gnutls and http://www.gnutls.org Security...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000585 advisory. Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the...