338622 matches found
Unity Linux 20.1070e Security Update: openvpn (UTSA-2026-017760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017760 advisory. An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are...
Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017703)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017703 advisory. In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Oplineplinedecode in H5Opline.c in libhdf5.a. For example, h5dump would crash when...
RHEL 9 : nginx:1.24 (RHSA-2026:15943)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15943 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017449)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017449 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.26 and prior. Difficult to exploit...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017757)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017757 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Memcached. Supported versions that are affected are 8.0.25 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017710)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017710 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5Ochunkdeserialize in H5Ocache.c. Tenable has extracted the preceding...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017690)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017690 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: haproxy (UTSA-2026-017423)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017423 advisory. An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. An HTTP method name may contain a space followed by...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017771)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017771 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.21 and prior. Difficult to exploit...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017444)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017444 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.26 and prior. Easily exploitable...
RHEL 9 : skopeo (RHSA-2026:15941)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:15941 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017594)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017594 advisory. libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command li...
Unity Linux 20.1060e / 20.1070e Security Update: exiv2 (UTSA-2026-017657)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017657 advisory. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017762)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017762 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017584)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017584 advisory. In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavi...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-8255-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8255-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform...
RHEL 9 : nginx:1.24 (RHSA-2026:15945)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15945 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017684)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017684 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017617 advisory. ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XMLPARSEHUGE is not properly restricted in coders/svg.c, related to SVG and...
Unity Linux 20.1060e / 20.1070e Security Update: redis (UTSA-2026-017593)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017593 advisory. Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debuggers...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017526)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017526 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2026-8257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in WebAssembly Binaryen up to 117. This issue affects the function IRBuilder::makeBrOn of the file src/wasm/wasm-ir-builder.cpp of...
Oracle Linux 10 : libsoup3 (ELSA-2026-15968)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-15968 advisory. - Add patches for CVE-2026-4271 and CVE-2026-5119 - Add patch for CVE-2026-1761 - Fix CVE-2026-0719 - Fix CVE-2025-14523 - Add patch for CVE-2025-121...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017668 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easily...
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017505)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017505 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1060e / 20.1070e Security Update: containerd (UTSA-2026-017436)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017436 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017766)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017766 advisory. In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. Tenable has extracted the...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017508)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017508 advisory. A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. Tenable has...
Unity Linux 20.1070e Security Update: netty (UTSA-2026-017795)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017795 advisory. The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017753)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017753 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017577 advisory. A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior i...
Linux Distros Unpatched Vulnerability : CVE-2026-40612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In 1.8.1 and earlier, jvcontains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input...
Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017688)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017688 advisory. A NULL pointer dereference in H5Osdspaceencode in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF...
Unity Linux 20.1060e / 20.1070e Security Update: openvswitch (UTSA-2026-017645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017645 advisory. A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLV...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017794 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.22 and prior. Difficult to exploit...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017543)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017543 advisory. A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-bvlen miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017570)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017570 advisory. When curl = 7.20.0 and = 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back...
Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017601 advisory. A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality,...
Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017504 advisory. curl 7.1.1 to and including 7.75.0 is vulnerable to an Exposure of Private Personal Information to an Unauthorized Actor by leaking credentials in the HTTP Referer:...
Unity Linux 20.1060e / 20.1070e Security Update: tomcat (UTSA-2026-017427)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017427 advisory. Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenS...
Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017653 advisory. A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a...
Ubuntu 22.04 LTS / 24.04 LTS : Slurm vulnerabilities (USN-8236-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8236-1 advisory. It was discovered that Slurm did not correctly handle certain file system operations. An attacker could possibly use this issue to modify fil...
Unity Linux 20.1060e / 20.1070e Security Update: guava (UTSA-2026-017554)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017554 advisory. A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary...
Unity Linux 20.1060e / 20.1070e Security Update: wpa_supplicant (UTSA-2026-017501)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017501 advisory. The implementations of SAE and EAP-pwd in hostapd and wpasupplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differenc...
Unity Linux 20.1060e / 20.1070e Security Update: linuxptp (UTSA-2026-017411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017411 advisory. A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker...
Unity Linux 20.1070e Security Update: xstream (UTSA-2026-017781)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017781 advisory. XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficien...
Unity Linux 20.1060e / 20.1070e Security Update: redis (UTSA-2026-017529)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017529 advisory. Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2....
Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017591 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017681)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017681 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017742 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.21 and prior. Easily exploitable...