Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011241 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-6483 Wavlink WL-WN530H4 internet.cgi snprintf os command injection

A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007492)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007492 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...

CVE-2026-25772

Wazuh before 4.14.3 contains a stack-based buffer overflow in the Wazuh Database synchronization module (wdb_delta_event.c) . The SQL query construction can underflow an internal remaining buffer size when the payload exceeds 2048 bytes, because the code incorrectly aggregates the return value of...

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...

Oracle Linux 8 : util-linux (ELSA-2026-1852)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1852 advisory. 2.32.1-48.0.1 - Orabug 35995159 - report lost loop device 2.32.1-48 - fix RHEL-134296 - libblkid: use snprintf instead of sprintf - fix RHEL-133946 - login-util...

util-linux security update

2.40.2-15 - libblkid: use snprintf instead of sprintf 2.40.2-14 - Fix setpwnam buffer use CVE-2025-14104...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005104 advisory. In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005092 advisory. In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all...

curl: Stack Buffer Overflow in mprintf.c formatting function (fallback path)

Summary A stack-based buffer overflow exists in mprintf.c within the outdouble function. This vulnerability affects builds where HAVESNPRINTF is undefined, forcing the use of the legacy sprintf function. The logic responsible for calculating the maximum safe precision maxprec for floating-point...

SUSE CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992749 advisory. In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesse...

CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

CVE-2023-54179 scsi: qla2xxx: Array index may go out of bound

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

Fedora 42 : util-linux (2025-fc18ab1e37)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-fc18ab1e37 advisory. - fix setpwnam buffer use CVE-2025-14104 - libblkid: use snprintf instead of sprintf Tenable has extracted the preceding description block directly from the...

CVE-2025-68118

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.20.0, a vulnerability exists in FreeRDP’s certificate handling code on Windows platforms. The function freerdpcertificatedatahash uses the Microsoft-specific snprintf function to format certificate cache filenames...