AlmaLinux 8 : firefox (ALSA-2026:20566)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:20566 advisory. firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox...

CLSA-2026-1779465287 Update of tomcat

Bump leading release to maintain monotonic rpm-version ordering in the AlmaLinux 9.2 ESU update stream...

AlmaLinux 8 : firefox (ALSA-2026:19588)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:19588 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due...

AlmaLinux 8 : libsndfile (ALSA-2026:19559)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:19559 advisory. libsndfile: integer overflow in imareaderinit CVE-2026-37555 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 8 : kernel (ALSA-2026:19666)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19666 advisory. kernel: Fragnesia is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel...

AlmaLinux 8 : kernel-rt (ALSA-2026:19664)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:19664 advisory. kernel: Fragnesia is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel...

AlmaLinux 9 : kernel (ALSA-2026:16206)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16206 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...

ALSA-2026:18913 Important: containernetworking-plugins security update

The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...

AlmaLinux 9 : ruby:3.3 (ALSA-2026:18030)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18030 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the AlmaLinux...

Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path...

ALSA-2026:19135 Important: opentelemetry-collector security update

Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path...

AlmaLinux 10 : nginx (ALSA-2026:18063)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18063 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 10 : ruby (ALSA-2026:18065)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18065 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : nginx:1.24 (ALSA-2026:18041)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18041 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 10 : libpng (ALSA-2026:18064)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18064 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from t...

AlmaLinux 9 : ruby (ALSA-2026:18039)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18039 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : nginx (ALSA-2026:18029)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:18029 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : kernel (ALSA-2026:16195)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:16195 advisory. kernel: Dirty Frag is a new universal Local Privilege Escalation LPE vulnerability in the Linux kernel CVE-2026-43284 Tenable has extracted the preceding...

AlmaLinux 8 : gimp:2.8 (ALSA-2026:17533)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:17533 advisory. gimp: GIMP:Memory disclosure and denial of service via specially crafted PCX image CVE-2026-4887 gimp: GIMP: Remote Code Execution via XPM File Parsing...

AlmaLinux 10 : ALSA-2026:A010kernel (ALSA-2026:A010)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A010 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...