Oracle Linux 8 : firefox (ELSA-2026-21382)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-21382 advisory. 140.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.11.0 -...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-9686)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9686 advisory. 1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore...

Oracle Linux 9 : .NET / 8.0 (ELSA-2026-8469)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8469 advisory. 8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163416 Tenable has extracted th...

Oracle Linux 10 : .NET / 10.0 (ELSA-2026-8467)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8467 advisory. 10.0.106-1.0.1 - Add support for Oracle Linux 10.0.106-1 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163385 Tenable has extracte...

Oracle Linux 8 : freerdp (ELSA-2026-6918)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6918 advisory. 2:2.11.7-6 - Fix use of nscprocessmessage Resolves: RHEL-155984 2:2.11.7-5 - Backport several CVE fixes Resolves: RHEL-147954, RHEL-147955, RHEL-147970...

Oracle Linux 9 : python3.11 (ELSA-2026-6286)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6286 advisory. 3.11.13-5.2.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.2 - Security fix for CVE-2026-4519 Resolves: RHEL-158050 Tenable has extracted the...

Oracle Linux 10 : .NET / 8.0 (ELSA-2026-4451)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4451 advisory. 8.0.125-1.0.1 - Add support for Oracle Linux 8.0.125-1 - Update to .NET SDK 8.0.125 and Runtime 8.0.25 - Resolves: RHEL-152937 Tenable has extracted the...

Oracle Linux 9 : libpng (ELSA-2026-3405)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3405 advisory. - fix CVE-2026-25646: heap buffer overflow in pngsetquantize RHEL-148970 - fix CVE-2026-22695: heap buffer over-read in pngimagefinishread RHEL-148403...

Oracle Linux 8 : gcc-toolset-14-binutils (ELSA-2026-2627)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2627 advisory. 2.41-3.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130636 Thu Feb 20 2025 Nick Clifton - Backport fixes for PR 32082 and P...

Oracle Linux 10 : glibc (ELSA-2026-1334)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1334 advisory. - CVE-2026-0915: Stack memory disclosure in getnetbyaddr RHEL-141848 - CVE-2026-0861: Check for alignment overflow in memalign functions RHEL-141732...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2026-0921)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0921 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-12122...

Oracle Linux 8 : gnupg2 (ELSA-2026-0728)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0728 advisory. 2.2.20-4 - Fix CVE-2025-68973 gpg.fail/memcpy Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 10 : libpq (ELSA-2026-0594)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0594 advisory. 16.11-3 - Release bump 16.11-1 - Rebase to upstream release 16.11 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : libpng (ELSA-2026-0238)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0238 advisory. - CVE-2025-64720: buffer overflow RHEL-131580 - CVE-2025-65018: heap buffer overflow RHEL-131593 Tenable has extracted the preceding description block...

Oracle Linux 10 : libpng (ELSA-2026-0237)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0237 advisory. - CVE-2025-64720: buffer overflow RHEL-131422 - CVE-2025-65018: heap buffer overflow RHEL-131435 Tenable has extracted the preceding description block...

Oracle Linux 9 : git-lfs (ELSA-2025-23744)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-23744 advisory. - Backport fix for CVE-2025-26625 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 9 : kernel (ELSA-2025-23241)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23241 advisory. - CVE-2025-38499 kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns Abhi Das RHEL-129261 CVE-2025-38499 - tls: wait fo...

Oracle Linux 8 : openssh (ELSA-2025-23481)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23481 advisory. - CVE-2025-61984: Reject usernames with control characters Resolves: RHEL-128400 Tenable has extracted the preceding description block directly from t...

Oracle Linux 10 : kernel (ELSA-2025-23279)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23279 advisory. - CVE-2025-38499 kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns Abhi Das RHEL-129282 CVE-2025-38499 Tenable has...

Oracle Linux 8 : go-toolset:rhel8 (ELSA-2025-22668)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22668 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...