Cisco Unified Communications Products Code Injection Vulnerability

Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance contain a code injection...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004807 advisory. An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMA...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004806 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. Tenable has extracted the preceding description...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004808)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004808 advisory. An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003824)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003824 advisory. An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511modeinitregs and ov518modeinitregs...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000620 advisory. Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000587)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000587 advisory. The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service integer overflow,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003694 advisory. In the Linux kernel before 5.1.17, ptracelink in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001399)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001399 advisory. A kernel information leak flaw was identified in the scsiioctl function in drivers/scsi/scsiioctl.c in the Linux kernel. This flaw allows a local attacker with a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001243)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001243 advisory. In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with fhid. Tenable has extracted the precedin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003822)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003822 advisory. Two memory leaks in the sja1105staticconfigupload function in drivers/net/dsa/sja1105/sja1105spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001251 advisory. An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land an...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003911)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003911 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001425)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001425 advisory. Rogue backends can cause DoS of guests via high frequency events This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilitie...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003646 advisory. An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003620 advisory. A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attack...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001018 advisory. arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001053)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001053 advisory. In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000730 advisory. The fusefillwritepages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service infinite loop via a writev system ca...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003598 advisory. There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to...