42 matches found
galera and mariadb11.8 security, bug fix, and enhancement update
An update is available for mariadb11.8, galera. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MariaDB is a community developed fork from MySQL - a multi-user,...
RLSA-2026:33464 Important: mariadb:10.11 security, bug fix, and enhancement update
MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB Server: Arbitrary code execution via wsrepnotifycmd CVE-2026-49261 Bug Fixes and Enhancements: Rocky Linux8tracker Rebase Galera to 26.4.27 MariaDB:10.11 JIRA:Rocky...
CVE-2025-52465
GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web pa...
USN-8429-1 fastnetmon vulnerabilities
It was discovered that FastNetMon incorrectly validated prefix lengths when decoding BGP NLRI data. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. CVE-2026-48686 It was...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : strongSwan vulnerability (USN-8407-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8407-1 advisory. Elliott Childre discovered that strongSwan incorrectly handled the cloning of certain identities. A remote attacker could use this...
RockyLinux 9 : nginx:1.24 (RLSA-2026:19371)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19371 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Libgcrypt vulnerabilities (USN-8319-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8319-1 advisory. It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue t...
USN-8319-1 libgcrypt20 vulnerabilities
It was discovered that Libgcrypt incorrectly handled crafted ECDH ciphertext. An attacker could possibly use this issue to cause Libgcrypt to crash, resulting in a denial of service. CVE-2026-41989 It was discovered that Libgcrypt incorrectly handled Dilithium signing. An attacker could possibly...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : nginx vulnerability (USN-8271-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8271-1 advisory. It was discovered that the nginx ngxhttprewritemodule component incorrectly handled certain rewrite directives. A remote attacker...
CVE-2026-20696
An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...
EUVD-2026-29222
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service...
EUVD-2026-29223
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. An app may be able to circumvent App Privacy Report logging...
CVE-2026-28967
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service...
CVE-2026-28872
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service...
CVE-2026-28967
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service...
CVE-2026-28967
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service...
PT-2026-39766
Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.4 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.4 Description An application may be able to circumvent App Privacy Report logging. This issue is addressed by implementing...
PT-2026-39813
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service...
PT-2026-39765
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service...
CVE-2026-40386 affecting package libexif for versions less than 0.6.24-3
CVE-2026-40386 affecting package libexif for versions less than 0.6.24-3. A patched version of the package is available...