AlmaLinux 8 : tigervnc (ALSA-2025:2502)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2502 advisory. X.Org: Xwayland: Use-after-free of the root cursor CVE-2025-26594 xorg: xwayland: Use-after-free in SyncInitTrigger CVE-2025-26601 xorg: xwayland:...

AlmaLinux 8 : .NET 8.0 (ALSA-2025:7589)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7589 advisory. dotnet: .NET and Visual Studio Spoofing Vulnerability CVE-2025-26646 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:2035)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2035 advisory. webkitgtk: Processing maliciously crafted web content may lead to memory corruption CVE-2024-54543 webkitgtk: A maliciously crafted webpage may be able to...

AlmaLinux 8 : rsync (ALSA-2025:2600)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2600 advisory. rsync: Path traversal vulnerability in rsync CVE-2024-12087 rsync: --safe-links option bypass leads to path traversal CVE-2024-12088 rsync: Race Condition...

AlmaLinux 8 : postgresql:12 (ALSA-2025:3082)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:3082 advisory. postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation CVE-2025-1094 Tenable has extracted the preceding...

AlmaLinux 8 : python39:3.9 (ALSA-2025:4791)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:4791 advisory. modwsgi: Trusted Proxy Headers Removing Bypass CVE-2022-2255 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

ALSA-2025:7107 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2025:7350 Moderate: perl-Module-ScanDeps security update

This module scans potential modules used by perl programs and returns a hash reference. Its keys are the module names as they appear in %INC e.g. Test/More.pm. The values are hash references. Security Fixes: module-scandeps: local privilege escalation via unsanitized input CVE-2024-10224 For more...

AlmaLinux 8 : thunderbird (ALSA-2025:4797)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:4797 advisory. firefox: thunderbird: Privilege escalation in Firefox Updater CVE-2025-2817 firefox: thunderbird: Unsafe attribute access during XPath parsing CVE-2025-40...

ALSA-2025:7094 Moderate: aardvark-dns security update

Authoritative DNS server for A/AAAA container records Forwards other request to configured resolvers. Read more about configuration in src/backend/mod.rs. Security Fixes: containers/aardvark-dns: TCP Query Handling Flaw in Aardvark-dns Leading to Denial of Service CVE-2024-8418 For more details...

ALSA-2025:7049 Moderate: python-requests security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: crypto/tls: panic when processing post-handshake message on QUIC connections...

ALSA-2025:7256 Moderate: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: crypto/tls: panic when processing post-handshake message on QUIC connections...

ALSA-2025:7147 Moderate: rpm-ostree security update

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...

ALSA-2025:7160 Moderate: bootc security update

Bootable container system Security Fixes: rust-openssl: rust openssl ssl::selectnextproto use after free CVE-2025-24898 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...

ALSA-2025:7050 Moderate: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

Moderate: python-requests security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: rpm-ostree security update

The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...