Linux Distros Unpatched Vulnerability : CVE-2025-38303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible crashes on eircreateadvdata eircreateadvdata may attempt to add...

Linux Distros Unpatched Vulnerability : CVE-2025-37942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on...

Oracle Linux 7 : python3-setuptools (ELSA-2025-11607)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-11607 advisory. 39.2.0-10.0.5 - Back port fix for CVE-2025-47273 Orabug: 38229296 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Linux Distros Unpatched Vulnerability : CVE-2021-30640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the...

Linux Distros Unpatched Vulnerability : CVE-2021-2215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

Amazon Linux 2023 : libnvidia-cfg, libnvidia-ml, nvidia-driver-cuda (ALAS2023NVIDIA-2025-144)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-144 advisory. NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rav1e (SUSE-SU-2025:02586-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02586-1 advisory. - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243855 Tenable has...

Photon OS 4.0: Linux PHSA-2025-4.0-0840

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0840. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

USN-7683-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Network traffic control; CVE-2025-38083, CVE-2024-50073...

Azure Linux 3.0 Security Update: protobuf (CVE-2025-4565)

The version of protobuf installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4565 advisory. - Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

opentelemetry-collector security update

An update is available for opentelemetry-collector. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpris...

ruby:3.1 security update

An update is available for module.ruby, rubygem-pg, ruby, module.rubygem-pg, module.rubygem-mysql2, rubygem-mysql2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE li...

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

python-jinja2 security update

An update is available for python-jinja2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...

python3.11 security update

An update is available for python3.11. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming languag...

RLSA-2025:3264 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array CVE-2025-21785 For more details about the security issues, includin...

libjpeg-turbo security update

An update is available for libjpeg-turbo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libjpeg-turbo packages contain a library of functions for...

libvpx security update

An update is available for libvpx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodin...

postgresql:12 security update

An update is available for postgres-decoderbufs, postgresql, pgrepack, module.postgresql, module.postgres-decoderbufs, pgaudit, module.pgrepack, module.pgaudit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...