Ubuntu: Security Advisory (USN-8019-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : tracker-miners vulnerabilities (USN-8019-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8019-1 advisory. Fatih elik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause...

USN-8019-1: tracker-miners vulnerabilities

Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-8019-1 tracker-miners vulnerabilities

Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code...

PT-2026-6872

Name of the Vulnerable Software and Affected Versions tracker-extract version 3.7.1-1ubuntu0.1 tracker-miner-fs version 3.7.1-1ubuntu0.1 Description The software can crash when processing specific malformed MP3 files. This could lead to a denial of service or potentially allow for arbitrary code...

Debian dsa-6121 : libtomcat11-embed-java - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6121 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6121-1 [email protected] https://www.debian.org/securit...

Linux Distros Unpatched Vulnerability : CVE-2026-1764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a...

Linux Distros Unpatched Vulnerability : CVE-2026-1767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker- extract-mp3 component. A remote attacker could exploit this...

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

Eventum 3.3.4 Open Redirection

An open redirection vulnerability exists in Eventum Issue Tracker version 3.3.4. The vulnerability allows remote attackers to redirect users to arbitrary external websites. This issue is older research added to the archive...

GNOME localsearch 安全漏洞

GNOME localsearch is a file search engine developed under the GNOME open-source framework. GNOME localsearch has a security vulnerability, which stems from a buffer overflow issue during the processing of specially crafted MP3 files by the tracker-extract-mp3 module. This vulnerability could lead...

Malicious Package

Overview @smt-front/tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Debian dsa-6115 : gimp - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6115 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6115-1 [email protected] https://www.debian.org/security/...

Debian dla-4456 : openjdk-17-dbg - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4456 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4456-1 [email protected]...

SUSE CVE-2025-71152

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

CVE-2025-62077

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SEOSEON EUROPE S.L Affiliate Link Tracker affiliate-link-tracker allows Stored XSS.This issue affects Affiliate Link Tracker: from n/a through = 0.2...

AZL-77319 CVE-2025-71152 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

UBUNTU-CVE-2025-71152

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

CVE-2025-71152 net: dsa: properly keep track of conduit reference

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...