Azure File Sync Agent v22.0 Release – December 2025 (KB5056967)

Update Rollup for Azure File Sync agent version 22.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v22.0 Release – December 2025 (KB5056967)

Update Rollup for Azure File Sync agent version 22.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v22.0 Release – December 2025 (KB5056967)

Update Rollup for Azure File Sync agent version 22.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v22.0 Release – December 2025 (KB5056967)

Update Rollup for Azure File Sync agent version 22.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005073 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdttrigger When the cpu5wdt module is...

RHEL 9 : kernel (RHSA-2026:1194)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1194 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix...

CVE-2026-22995 ublk: fix use-after-free in ublk_partition_scan_work

In the Linux kernel, the following vulnerability has been resolved: ublk: fix use-after-free in ublkpartitionscanwork A race condition exists between the async partition scan work and device teardown that can lead to a use-after-free of ub-ubdisk: 1. ublkctrlstartdev schedules partitionscanwork...

CVE-2026-22995

The CVE concerns a Linux kernel race in ublk_partition_scan_work that can cause a use-after-free of ub->ub_disk due to a race between async partition scanning and device teardown. The vulnerability occurs when ublk_ctrl_start_dev() schedules partition_scan_work after add_disk(), and ublk_stop_...

java-17-openjdk security update

1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore openjdk-17.0.18+8.tar.xz - Sync java-17-openjdk-portable.specfile from openjdk-portable-rhel-8 - Set buildver to 8 - Set isga to 1 - Update sources to...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35794)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35794 advisory. - In the Linux kernel, the following vulnerability has been resolved: dm-raid: really frozen syncthrea...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56710)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56710 advisory. - In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37805)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37805 advisory. - In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35808)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35808 advisory. - In the Linux kernel, the following vulnerability has been resolved: md/dm-raid: don't call...

SUSE CVE-2025-64118

node-tar is a Tar for Node.js. In 7.5.1, using .t aka .list with sync: true to read tar entry contents returns uninitialized memory contents if tar file was changed on disk to a smaller size while being read. This vulnerability is fixed in 7.5.2...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Flexense Syncbreeze

Exploit-CVE-2017-14980 PoC exploit para CVE-2017-14980 —...

MiracleLinux 7 : 389-ds-base-1.3.10.2-17.el7 (AXSA:2022-3917:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3917:03 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : 389-ds:1.4 (AXSA:2022-3938:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3938:01 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : kernel-4.18.0-553.16.1.el8_10 (AXSA:2024-8704:25)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8704:25 advisory. kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported...

CVE-2026-23844 Whisper Money has IDOR Vulnerability on sync/balances endpoint

Whisper Money is a personal finance application. Versions prior to 0.1.5 have an insecure direct object reference vulnerability. A user can update/create account balances in other users' bank accounts. Version 0.1.5 fixes the issue...

CVE-2026-23844 Whisper Money has IDOR Vulnerability on sync/balances endpoint

Whisper Money is a personal finance application. Versions prior to 0.1.5 have an insecure direct object reference vulnerability. A user can update/create account balances in other users' bank accounts. Version 0.1.5 fixes the issue...