Photon OS 4.0: Linux PHSA-2025-4.0-0790

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0790. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Mageia: Security Advisory (MGASA-2025-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2025:1433-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1433-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : poppler (SUSE-SU-2025:1434-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1434-1 advisory. - CVE-2025-43903: improper verification of adbe.pkcs7.sha1 signatures allows for signature forgeries...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:1438-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1438-1 advisory. - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 -...

SUSE SLES15 Security Update : redis (SUSE-SU-2025:1419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1419-1 advisory. - CVE-2025-21605: Fixed an output buffer denial of service. bsc1241708 Tenable has extracted the preceding description block directly from t...

CVE-2025-29906 Finit bundled getty can bypass /bin/login

Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 and prior to version 4.11 bundle an implementation of getty for the tty configuration directive that can bypass /bin/login, i.e., a user can log in as any user without authentication. This issue has been patched in version 4.1...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2025-119-02)

The version of mozilla-thunderbird installed on the remote host is prior to 128.10.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-119-02 advisory. New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues...

DSA-5907-1 linux - security update

Bulletin has no description...

Azure Linux 3.0 Security Update: libsoup (CVE-2025-32913)

The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32913 advisory. - A flaw was found in libsoup, where the soupmessageheadersgetcontentdisposition function is vulnerable to a...

Azure Linux 3.0 Security Update: qemu (CVE-2023-6683)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6683 advisory. - A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The...

CBL Mariner 2.0 Security Update: giflib (CVE-2025-31344)

The version of giflib installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-31344 advisory. - Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with...

CVE-2024-12863 Stored XSS in Discussions functionality

Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system...

RHEL 8 : kernel (RHSA-2025:3832)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3832 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ALSA: usb-audio: Fix out of bounds read...

Azure Linux 3.0 Security Update: ruby (CVE-2025-27220)

The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-27220 advisory. - In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service ReDoS vulnerability exists in the...

Azure Linux 3.0 Security Update: edk2 / hvloader / openssl (CVE-2024-4741)

The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers May cause memory to be...

SUSE SLES15 Security Update : Multi-Linux Manager 4.3: Server (SUSE-SU-2025:1321-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1321-1 advisory. spacewalk-java: - Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Tenable has extracted the preceding description...

Azure Linux 3.0 Security Update: augeas (CVE-2025-2588)

The version of augeas installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2588 advisory. - A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability...

Azure Linux 3.0 Security Update: wpa_supplicant (CVE-2025-24912)

The version of wpasupplicant installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24912 advisory. - hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates wi-fi devices wi...

Azure Linux 3.0 Security Update: unzip (CVE-2021-4217)

The version of unzip installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4217 advisory. - A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lea...