Oracle Linux 9 : ruby:3.3 (ELSA-2026-18030)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18030 advisory. - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 - Fix possible denial of service in resolv gem...

Oracle Linux 9 : libpng (ELSA-2026-18028)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18028 advisory. 2:1.6.37-12.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161436 Tenable has extracted the preceding descriptio...

Oracle Linux 9 : gimp (ELSA-2026-16484)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16484 advisory. - fix CVE-2026-4150 - fix CVE-2026-4151 - fix CVE-2026-4152 - fix CVE-2026-4153 - fix CVE-2026-4154 Tenable has extracted the preceding description...

Oracle Linux 9 : openexr (ELSA-2026-15887)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-15887 advisory. 3.1.1-3.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 9 : thunderbird (ELSA-2026-15892)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-15892 advisory. 140.10.0-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.10.0 - Add OpenELA debranding 140.10.0-1 - Update to 140.10.0 ESR Tenab...

Oracle Linux 9 : kernel (ELSA-2026-13565)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13565 advisory. - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption Vladislav Dronov RHEL-172201 CVE-2026-31431 - crypto: authencesn -...

Oracle Linux 9 : openssh (ELSA-2026-13381)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13381 advisory. - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164752 - CVE-2026-35388: Add...

Oracle Linux 9 : fence-agents (ELSA-2026-13917)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13917 advisory. - bundled pyasn1: fix CVE-2026-30922 Resolves: RHEL-157201 - bundled cryptography: replace with dependency to fix CVE-2026-26007 Tenable has extracted the...

Oracle Linux 9 : systemd (ELSA-2026-13677)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13677 advisory. - coredump: use %d in kernel core pattern - CVE-2025-4598 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Oracle Linux 9 : vim (ELSA-2026-11510)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11510 advisory. - RHEL-155437 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin - RHEL-155422 CVE-2026-28421 vim: Vim: Denial of...

Oracle Linux 9 : python3.12 (ELSA-2026-10745)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10745 advisory. - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-168156, RHEL-167914 - Security fix for CVE-2026-4519 Resolves: RHEL-158051 Tenable ha...

Oracle Linux 9 : python3.9 (ELSA-2026-10949)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10949 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-168157, RHEL-167915 - Security fix for CVE-2026-4519 Resolves: RHEL-158052 Tenable...

Oracle Linux 9 : qemu-kvm (ELSA-2026-50241)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50241 advisory. - Document CVEs Mark Kanda CVE-2025-54566 CVE-2025-54567 CVE-2025-8860 CVE-2026-0665 CVE-2026-3886 - hw/usb/hcd-ohci: check for MPS=0 to avoid infinit...

Oracle Linux 9 : firefox (ELSA-2026-10757)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10757 advisory. 140.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

Oracle Linux 9 : gdk-pixbuf2 (ELSA-2026-10708)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10708 advisory. - Backport fixes for CVE-2026-5201 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

Oracle Linux 9 : python3.11 (ELSA-2026-10774)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10774 advisory. 3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913,...

Oracle Linux 9 : pcs (ELSA-2026-10710)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10710 advisory. 0.11.10-1.el97.3 - Fixed CVE-2026-4800 by updating pcs-web-ui to 0.1.23.2 Resolves: RHEL-164191 Tenable has extracted the preceding description block directly...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-9686)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9686 advisory. 1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore...

Oracle Linux 9 : osbuild-composer (ELSA-2026-9044)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-9044 advisory. 149-5.0.1 - Add missing dependency over dracut-config-rescue for image-installer ORABUG: 38587453 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Ad...

Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...