AlmaLinux 9 : kernel (ALSA-2026:24381)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24381 advisory. kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786...

AlmaLinux 9 : redis (ALSA-2026:23229)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:23229 advisory. redis: RESTORE invalid memory access may allow remote code execution CVE-2026-25243 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : poppler (ALSA-2026:25058)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:25058 advisory. poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 Tenabl...

AlmaLinux 9 : expat (ALSA-2026:23230)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:23230 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : kernel (ALSA-2026:21556)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when settin...

AlmaLinux 9 : mysql (ALSA-2026:23332)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:23332 advisory. mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026 CVE-2026-22001 mysql...

AlmaLinux 9 : mod_http2 (ALSA-2026:22551)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:22551 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : libexif (ALSA-2026:22553)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22553 advisory. libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling CVE-2026-40385 libexif: libexif: Denial of Service...

AlmaLinux 9 : .NET 9.0 (ALSA-2026:21296)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:21296 advisory. dotnet: .NET: infinite loop allows an attacker to cause a denial of service CVE-2026-42899 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : firefox (ALSA-2026:21378)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21378 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

AlmaLinux 9 : openssl (ALSA-2026:22312)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:22312 advisory. openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing CVE-2026-28390 Tenable has extracted the preceding description...

AlmaLinux 9 : thunderbird (ALSA-2026:21381)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21381 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

AlmaLinux 9 : cockpit (ALSA-2026:21468)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:21468 advisory. cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI CVE-2026-4802 Tenable has extracted the preceding description block directly fro...

AlmaLinux 9 : ruby:4.0 (ALSA-2026:20596)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20596 advisory. ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary code execution via...

AlmaLinux 9 : firefox (ALSA-2026:20574)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20574 advisory. firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox...

CLSA-2026-1779465287 Update of tomcat

Bump leading release to maintain monotonic rpm-version ordering in the AlmaLinux 9.2 ESU update stream...

AlmaLinux 9 : jq (ALSA-2026:16693)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16693 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON objec...

AlmaLinux 9 : libpng (ALSA-2026:14791)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:14791 advisory. libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-33636 Tenable has extracted the...

AlmaLinux 9 : openexr (ALSA-2026:15887)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:15887 advisory. OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVE-2026-34588 Tenable has extracted the preceding description block...

AlmaLinux 9 : ALSA-2026:A005kernel (ALSA-2026:A005)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:A005 advisory. kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 Tenable has extracted the preceding description block directly from the AlmaLinux...