AlmaLinux 8 : thunderbird (ALSA-2026:0026)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:0026 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in t...

AlmaLinux 10 : kernel (ALSA-2025:23279)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23279 advisory. kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process...

AlmaLinux 10 : ruby (ALSA-2025:23141)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23141 advisory. resolv: Denial of Service in resolv gem CVE-2025-24294 rexml: REXML denial of service CVE-2025-58767 Tenable has extracted the preceding description blo...

AlmaLinux 10 : thunderbird (ALSA-2026:0025)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:0025 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 10 : tar (ALSA-2026:0002)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:0002 advisory. tar: Tar path traversal CVE-2025-45582 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has n...

AlmaLinux 9 : opentelemetry-collector (ALSA-2025:23729)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23729 advisory. github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 Tenable has extracted the preceding...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:23543)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23543 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

AlmaLinux 8 : grafana (ALSA-2025:23948)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23948 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : thunderbird (ALSA-2025:23856)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:23856 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

AlmaLinux 9 : libssh (ALSA-2025:23483)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23483 advisory. libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend CVE-2025-5987 Tenable has extracted the preceding description block directly from the...

AlmaLinux 10 : python3.12 (ALSA-2025:23940)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23940 advisory. cpython: python: Python zipfile End of Central Directory EOCD Locator record offset not checked CVE-2025-8291 Tenable has extracted the preceding description blo...

AlmaLinux 9 : gcc-toolset-13-binutils (ALSA-2025:23336)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23336 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : mod_md (ALSA-2025:23739)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23739 advisory. modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 10 : mod_md (ALSA-2025:23738)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23738 advisory. modmd: Apache HTTP Server: modmd ACME, unintended retry intervals CVE-2025-55753 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:23700)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23700 advisory. webkitgtk: webkitgtk: Use-after-free due to improper memory management CVE-2025-43529 webkitgtk: Processing maliciously crafted web content may lead to a...

AlmaLinux 9 : binutils (ALSA-2025:23343)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23343 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 10 : opentelemetry-collector (ALSA-2025:23664)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23664 advisory. github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 Tenable has extracted the preceding...

AlmaLinux 10 : keylime (ALSA-2025:23201)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23201 advisory. keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration CVE-2025-13609 Tenable has extracted the preceding description block directl...

AlmaLinux 9 : git-lfs (ALSA-2025:23744)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 10 : tomcat (ALSA-2025:23050)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23050 advisory. tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve CVE-2025-31651 tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service...