RHEL 9 : jq (RHSA-2025:10613)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10613 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

RHEL 9 : jq (RHSA-2025:10615)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10615 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

RHEL 8 : jq (RHSA-2025:10618)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10618 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

ALSA-2025:10585 Moderate: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: jq has signed integer...

AlmaLinux 9 : iputils (ALSA-2025:9432)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9432 advisory. iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 Tenable has extracted the preceding description block directly from the...

Oracle Linux 10 : iputils (ELSA-2025-9421)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9421 advisory. 20240905-2.1 - Fix CVE-2025-47268 iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping RHEL-94582 Tenable has extracted the preceding...

RHEL 9 : iputils (RHSA-2025:9432)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9432 advisory. The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: Signed Integer Overflow in Timestamp...

Moderate: Red Hat Security Advisory: iputils security update

An update for iputils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2025:9421 Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

PT-2025-26690 · Llama.Cpp · Llama.Cpp

Name of the Vulnerable Software and Affected Versions: llama.cpp version prior to b5721 Description: The issue is related to a signed vs. unsigned integer overflow in the llama vocab::tokenize function of llama.cpp's tokenizer implementation, resulting in unintended behavior during token copying...

ALSA-2025:9432 Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping CVE-2025-47268 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

CVE-2022-49964

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fwlevel Though acpifindlastcachelevel always returned signed value and the document states it will return any errors caused by lack of a PPTT table, it...

Security update for freetype2

This update for freetype2 fixes the following issues: CVE-2025-23022: signed integer overflow in cf2doFlex in cff/cf2intrp.c. bsc1235670 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can ru...

SUSE CVE-2025-22059

In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following condition: if atomicread&sk-skrmemalloc sk-skrcvbuf goto drop; sk-skrcvbuf is initialised by net.core.rmemdefault and later can be configure...

Amazon Linux 2 : freetype (ALAS-2025-2806)

The version of freetype installed on the remote host is prior to 2.8-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2806 advisory. FreeType 2.8.1 has a signed integer overflow in cf2doFlex in cff/cf2intrp.c. CVE-2025-23022 An out of bounds write exists ...

Important: freetype

Issue Overview: FreeType 2.8.1 has a signed integer overflow in cf2doFlex in cff/cf2intrp.c. CVE-2025-23022 An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code...

CVE-2023-52979

...

Privilege Escalation

github.com/containerd/containerd is vulnerable to Privilege Escalation. The vulnerability is due to an integer overflow and improper handling of UID:GID values larger than the maximum 32-bit signed integer, allowing containers to run as root UID 0...

Linux Distros Unpatched Vulnerability : CVE-2024-58017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. ...