2103 matches found
List of Security Fixes and Improvements in Veeam ONE
Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam ONE. This article aims to provide our customers' security and compliance teams with detailed information on security improvements between releases to help them make an informed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint – Fix for misused goto labels. A misused goto label jump can lead to a memory leak. This issue has been addressed...
Astra Linux – Vulnerability in sssd
A flaw was discovered in SSSD, where the sssctl command was vulnerable to shell command injection through the logs-fetch and cache-expire subcommands. This flaw allows an attacker to trick the root user into executing a specially crafted sssctl command, such as using sudo, in order to gain root...
PT-2026-41991
In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: bind (UTSA-2026-021471)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021471 advisory. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are...
CVE-2026-4890
A Denial of Service DoS vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet...
Important: Red Hat Security Advisory: sudo security update
An update for sudo is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havi...
OESA-2026-2171 sssd security update
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
OESA-2026-2170 sssd security update
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
OESA-2026-2169 sssd security update
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
CLSA-2026-1777482027 sssd: Fix of 2 CVEs
CVE-2018-10852: create the sudo responder socket with stricter permissions - CVE-2019-3811: do not return "/" as the home directory when the user has no homedir configured...
SUSE CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
EUVD-2026-23032
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
DEBIAN-CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245 Sssd: out-of-bounds read in the sssd
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245 Sssd: out-of-bounds read in the sssd
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
RLSA-2026:8155 Important: bind9.16 security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...