Unity Linux 20.1060e / 20.1070e Security Update: virglrenderer (UTSA-2026-017549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017549 advisory. A NULL pointer dereference in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. Tenable has...

Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017616 advisory. The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration...

Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017609)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017609 advisory. In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device i...

Unity Linux 20.1060e / 20.1070e Security Update: binutils (UTSA-2026-017409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017409 advisory. An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...

Unity Linux 20.1060e / 20.1070e Security Update: php (UTSA-2026-017496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017496 advisory. In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filtervar$url, FILTERVALIDATEURL, PHP will accept an URL wi...

Unity Linux 20.1050e / 20.1070e Security Update: iSulad (UTSA-2026-017406)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017406 advisory. Time-of-check Time-of-use TOCTOU Race Condition vulnerability in openEuler iSulad on Linux allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions. Th...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017740)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017740 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Partition. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017723)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017723 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017647 advisory. A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in sRGBTransformImage in the MagickCore/colorspace.c may trigger undefined behavi...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017710 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5Ochunkdeserialize in H5Ocache.c. Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017580 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

Unity Linux 20.1060e / 20.1070e Security Update: flatpak (UTSA-2026-017552)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017552 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In Flatpack since version 0.9.4 and before version 1.10.2 has a...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017449 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit...

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017572 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017761 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017502 advisory. A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some case...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017455)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017455 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...

Unity Linux 20.1060e / 20.1070e Security Update: ncurses (UTSA-2026-017429)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017429 advisory. An issue was discovered in ncurses through v6.2-1. nccaptoinfo in captoinfo.c has a heap-based buffer overflow. Tenable has extracted the preceding description block...

Unity Linux 20.1060e / 20.1070e Security Update: guava (UTSA-2026-017554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017554 advisory. A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017688 advisory. A NULL pointer dereference in H5Osdspaceencode in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF...