Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000785)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000785 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...

MiracleLinux 4 : coreutils-8.4-31.2.0.1.AXS4 (AXSA:2014-028:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-028:01 advisory. These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. Security issues fixed...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001480 advisory. A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003938)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003938 advisory. A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules...

MiracleLinux 7 : udisks2-2.7.3-9.el7 (AXSA:2019-4045:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4045:02 advisory. udisks: Format string vulnerability in udiskslog in udiskslogging.c CVE-2018-17336 Tenable has extracted the preceding description block directly from the...

PT-2026-3322

CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitControl method has a cross-site-scripting vulnerability via query string parameter manipulation. This issue has been fixed in 5.2.12 and 5.3.1...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004449 advisory. A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAPNETADMIN when inserting iptables rules...

Active Job - Object injection security vulnerability

Active Job vulnerability: An Active Job bug allowed String arguments to be deserialized as if they were Global IDs, an object injection security vulnerability...

CVE-2025-68816

A flaw was found in the Linux kernel's mlx5 firmware tracer. A malicious or compromised firmware can provide specially crafted format strings to the tracer. Due to insufficient validation of these parameters, this can lead to system crashes, resulting in a Denial of Service DoS, or potentially...

net/mlx5: fw_tracer, Validate format string parameters

...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002103)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002103 advisory. fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to...

PT-2026-3011

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002476 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002193 advisory. Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002490 advisory. Format string vulnerability in the registerdisk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002008)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002008 advisory. Format string vulnerability in the b43requestfirmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002859)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002859 advisory. The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to...

CVE-2026-22211

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

UBUNTU-CVE-2025-71123

In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...