12159 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-bottle (UTSA-2026-016605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016605 advisory. Bottle before 0.12.20 mishandles errors during early request binding. Tenable has extracted the preceding description block directly from the Unity Linux security...
Unity Linux 20.1060e / 20.1070e Security Update: gnome-autoar (UTSA-2026-016654)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016654 advisory. autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it...
Unity Linux 20.1060e / 20.1070e Security Update: gnome-autoar (UTSA-2026-016668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016668 advisory. autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it...
Unity Linux 20.1060e / 20.1070e Security Update: rubygem-rails (UTSA-2026-016651)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016651 advisory. A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in...
Unity Linux 20.1070e Security Update: xmlgraphics-commons (UTSA-2026-016739)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016739 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
Unity Linux 20.1070e Security Update: cfitsio (UTSA-2026-016766)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016766 advisory. In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An...
Unity Linux 20.1060e / 20.1070e Security Update: avalon-logkit (UTSA-2026-016650)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016650 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1070e Security Update: libEMF (UTSA-2026-016703)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016703 advisory. libEMF aka ECMA-234 Metafile Library through 1.0.11 allows out-of-bounds memory access. Tenable has extracted the preceding description block directly from the Unity...
Unity Linux 20.1070e Security Update: aspell (UTSA-2026-016693)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016693 advisory. objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::duptop called from acommon::StringMap::add and acommon::Config::lookuplist...
Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016771)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016771 advisory. An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsxvalloc macro that wraps malloc. Whe...
Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016741 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1070e Security Update: mysql-connector-java (UTSA-2026-016694)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016694 advisory. Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult to...
Unity Linux 20.1070e Security Update: log4j (UTSA-2026-016725)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016725 advisory. It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non- default configurations. This could allows attackers with...
Unity Linux 20.1070e Security Update: festival (UTSA-2026-016710)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016710 advisory. festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH,...
Unity Linux 20.1060e / 20.1070e Security Update: PackageKit (UTSA-2026-016629)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016629 advisory. PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable ...
Unity Linux 20.1060e / 20.1070e Security Update: ant (UTSA-2026-016612)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016612 advisory. When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memor...
Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016742 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-paramiko (UTSA-2026-016596)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016596 advisory. In Paramiko before 2.10.1, a race condition between creation and chmod in the writeprivatekeyfile function could allow unauthorized information disclosure. Tenable h...
Unity Linux 20.1060e / 20.1070e Security Update: jboss-logging (UTSA-2026-016641)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016641 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1070e Security Update: mod_fcgid (UTSA-2026-016767)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016767 advisory. A security Bypass vulnerability exists in the FcgidPassHeader Proxy in modfcgid through 2016-07-07. Tenable has extracted the preceding description block directly fr...