AlmaLinux 8 : mingw-freetype (ALSA-2025:8292)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8292 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 libsoup: Integer...

AlmaLinux 8 : firefox (ALSA-2025:8308)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8308 advisory. firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential local...

AlmaLinux 8 : kernel-rt (ALSA-2025:8247)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8247 advisory. kernel: wifi: rtw89: Fix array index mistake in rtw89stainfogetiter CVE-2024-43842 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 8 : kernel (ALSA-2025:8246)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8246 advisory. kernel: wifi: rtw89: Fix array index mistake in rtw89stainfogetiter CVE-2024-43842 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 9 : unbound (ALSA-2025:8197)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8197 advisory. unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : kernel (ALSA-2025:8142)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8142 advisory. kernel: cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2025:8201)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8201 advisory. GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-3887 Tenable has extracted the preceding descripti...

AlmaLinux 9 : python-tornado (ALSA-2025:8136)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:8136 advisory. tornado: Tornado Multipart Form-Data Denial of Service CVE-2025-47287 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : gstreamer1-plugins-bad-free (ALSA-2025:8183)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8183 advisory. GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-3887 Tenable has extracted the preceding descripti...

AlmaLinux 9 : grafana (ALSA-2025:7893)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7893 advisory. grafana: Cross-site Scripting XSS in Grafana via Custom Frontend Plugins and Open Redirect CVE-2025-4123 Tenable has extracted the preceding description block...

AlmaLinux 9 : osbuild-composer (ALSA-2025:7425)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7425 advisory. golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 Tenable has extracted the preceding description block directly from...

AlmaLinux 9 : kernel (ALSA-2025:7903)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7903 advisory. kernel: vsock: Keep the binding until socket destruction CVE-2025-21756 kernel: dm-flakey: Fix memory corruption in optional corruptbiobyte feature...

AlmaLinux 9 : ghostscript (ALSA-2025:7422)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7422 advisory. ghostscript: dangling pointer in gdevprnopenprinterseekable CVE-2023-46751 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling...

AlmaLinux 9 : kernel (ALSA-2025:7423)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7423 advisory. kernel: iouring/sqpoll: zero sqd-thread on tctx errors CVE-2025-21633 kernel: soc: qcom: socinfo: Avoid out of bounds read of serial number CVE-2024-58007...

AlmaLinux 9 : 389-ds-base (ALSA-2025:7395)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7395 advisory. 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : libsoup (ALSA-2025:8132)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8132 advisory. libsoup: Heap buffer over-read in skipinsignificantspace when sniffing content CVE-2025-2784 libsoup: Denial of Service attack to websocket server...

AlmaLinux 9 : skopeo (ALSA-2025:7397)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7397 advisory. go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

AlmaLinux 9 : yelp (ALSA-2025:7430)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7430 advisory. yelp: Arbitrary file read CVE-2025-3155 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has n...

AlmaLinux 9 : firefox (ALSA-2025:8049)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8049 advisory. firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919 Tenable...

AlmaLinux 8 : kernel-rt (ALSA-2025:8057)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:8057 advisory. kernel: net/mlx5: Always stop health timer during driver removal CVE-2024-40906 kernel: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink CVE-2024-4497...