Facebook React has a Denial of Service Vulnerability in React Server Components

Impact A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints, this could lead to out-of-memory exceptions or excessive CPU usage. We recommend updating immediately. The vulnerability exists in versions 19.0.0 through 19.0.5,...

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50239)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50239 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501...

Oracle Linux 10 : freerdp (ELSA-2026-6799)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6799 advisory. 2:3.10.3-5.5 - Fix use of nscprocessmessage - Increase timeout for TestSynchCritical Resolves: RHEL-155979 2:3.10.3-5.4 - Backport several CVE fixes...

Fedora 42 : mingw-binutils (2026-fe96f3532b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fe96f3532b advisory. Backport fixes for multiple CVEs. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

freerdp security update

2:2.11.7-1.3 - Backport several CVE fixes Resolves: RHEL-151988, RHEL-152215...

PT-2026-27282

Name of the Vulnerable Software and Affected Versions Briefcase versions 0.3.0 through 0.3.25 Description Briefcase, a tool for converting Python projects into standalone native applications, has an issue where the installation process for Windows MSI installers, when set to install for All Users...

CVE-2026-3904

Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x8664 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the...

Oracle Linux 8 : freerdp (ELSA-2026-3334)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3334 advisory. 2:2.11.7-3 - Backport several CVE fixes Resolves: RHEL-148825, RHEL-148865, RHEL-148982 Tenable has extracted the preceding description block directly...

Fedora 42 : mingw-libsoup (2026-07b73214fc)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-07b73214fc advisory. Backport fixes for CVE-2026-0716, CVE-2026-0719. Tenable has extracted the preceding description block directly from the Fedora security advisory...

freerdp security update

2:2.11.7-2 - Backport several CVE fixes Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353 Resolves: RHEL-142337, RHEL-142321...

Oracle Linux 8 : freerdp (ELSA-2026-2081)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2081 advisory. 2:2.11.7-2 - Backport several CVE fixes Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353 Resolves: RHEL-142337, RHEL-142321...

Fedora 41 : mbedtls (2025-fe7ea8bbdd)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-fe7ea8bbdd advisory. Backport CVE fixes from 3.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora 42 : mingw-binutils (2025-10c80b93e9)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-10c80b93e9 advisory. Backport fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494, CVE-2025-11495. Tenable has extracted the preceding description block directly fr...

CVE-2025-10537

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

kernel security update

5.14.0-570.44.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 8 : postgresql:12 (ELSA-2025-15115)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15115 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2022-24999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an proto...

electron33 -- multiple vulnerabilities

Electron develpers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2025-0445. Security: backported fix for CVE-2025-0995. Security: backported fix for CVE-2025-0998...

electron32 -- multiple vulnerabilities

Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2024-12693. Security: backported fix for CVE-2024-12694. Security: backported fix for CVE-2024-12695. Security: backported fix for CVE-2025-0434. Security: backported fix for CVE-2025-043...

OPENSUSE-SU-2024:0329-1 Security update for seamonkey

This update for seamonkey fixes the following issues: update to SeaMonkey 2.53.19: Cancel button in SeaMonkey bookmarking star ui not working bug 1872623. Remove OfflineAppCacheHelper.jsm copy from SeaMonkey and use the one in toolkit bug 1896292. Remove obsolete registerFactoryLocation calls fro...