AlmaLinux 9 : libsoup (ALSA-2025:20959)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20959 advisory. libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP...

AlmaLinux 8 : lasso (ALSA-2025:21628)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21628 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Not...

AlmaLinux 9 : qt5-qt3d (ALSA-2025:20963)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20963 advisory. assimp: Open Asset Import Library Assimp Q3DLoader.cpp InternReadFile heap-based overflow CVE-2025-11277 Tenable has extracted the preceding description block...

AlmaLinux 9 : podman (ALSA-2025:21702)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21702 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

AlmaLinux 9 : webkit2gtk3 (ALSA-2025:20922)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20922 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43272 webkitgtk: Processing maliciously crafted web...

AlmaLinux 9 : python-kdcproxy (ALSA-2025:21139)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:21139 advisory. python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...

AlmaLinux 9 : lasso (ALSA-2025:21462)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21462 advisory. lasso: Type confusion in Entr'ouvert Lasso CVE-2025-47151 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Not...

AlmaLinux 9 : grub2 (ALSA-2025:20532)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20532 advisory. grub2: grub-core/gettext: Integer overflow leads to Heap OOB Write. CVE-2024-45777 Tenable has extracted the preceding description block directly from the AlmaLin...

AlmaLinux 9 : redis:7 (ALSA-2025:20955)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20955 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...

AlmaLinux 9 : sqlite (ALSA-2025:20936)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20936 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : squid (ALSA-2025:20935)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:20935 advisory. squid-cache: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 Tenable has extracted the preceding...

AlmaLinux 9 : haproxy (ALSA-2025:21693)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:21693 advisory. haproxy: denial of service vulnerability in HAProxy mjson library CVE-2025-11230 Tenable has extracted the preceding description block directly from the AlmaLinux...

Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remot...

AlmaLinux 8 : libtiff (ALSA-2025:20034)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20034 advisory. libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

ALSA-2025:21140 Important: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remot...

Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

AlmaLinux 8 : kernel-rt (ALSA-2025:19932)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19932 advisory. kernel: x86/vmscape: Add conditional IBPB mitigation CVE-2025-40300 kernel: mm: fix zswap writeback race condition CVE-2023-53178 kernel: fs: fix UAF/GPF...

ALSA-2025:20928 Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

ALSA-2025:20994 Important: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 For more details...

AlmaLinux 10 : xorg-x11-server-Xwayland (ALSA-2025:19435)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19435 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...