Oracle Linux 10 : libpng (ELSA-2026-18064)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18064 advisory. 2:1.6.40-8.4 - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161324 Tenable has extracted the preceding descriptio...

Oracle Linux 10 : jq (ELSA-2026-16692)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16692 advisory. - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions Tenable has extracted the preceding description block direct...

Oracle Linux 10 : openexr (ELSA-2026-15888)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-15888 advisory. 3.1.10-8.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

Oracle Linux 10 : fence-agents (ELSA-2026-13916)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13916 advisory. - bundled pyasn1: replace with dependency to fix CVE-2026-30922 Tenable has extracted the preceding description block directly from the Oracle Linux...

osbuild-composer security update

149-6.0.1 - Add missing dependency over dracut-config-rescue for image-installer Orabug: 38587453 - Add OL10 support - Update repository URLs for baseos, appstream and UERK - Fix the label for UEKR repository - Simplify repository names JIRA: OLDIS-35893 - Ensure build on latest golang:...

Oracle Linux 10 : openssh (ELSA-2026-13380)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13380 advisory. - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164738 - CVE-2026-35388: Add...

Oracle Linux 10 : libcap (ELSA-2026-12423)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12423 advisory. 2.69-7.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169301 Tenable has extracted the preceding description block directly from the...

Oracle Linux 10 : grafana-pcp (ELSA-2026-11881)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-11881 advisory. - Resolves RHEL-166433: CVE-2026-32282 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Oracle Linux 10 : pcs (ELSA-2026-10713)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10713 advisory. 0.12.1-1.el101.3 - Fixed CVE-2026-4800 by updating HA Cluster Management add-on to 0.1.23.2 Resolves: RHEL-164062 Tenable has extracted the preceding...

Oracle Linux 10 : sudo (ELSA-2026-10758)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10758 advisory. 1.9.15-10.p5 - Resolves: RHEL-164619 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls Tenable has extracted the...

Oracle Linux 10 : wireshark (ELSA-2026-9666)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9666 advisory. - Resolves: RHEL-152921 - CVE-2026-3203 Buffer Over-read - Resolves: RHEL-152912 - CVE-2026-3201 Improperly Controlled Sequential Memory Allocation -...

Oracle Linux 10 : giflib (ELSA-2026-8858)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8858 advisory. 5.2.1-22.1 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154849 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 10 : delve (ELSA-2026-8842)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8842 advisory. 1.25.2-3.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-3 - Rebuild with latest Go Tenable has extracted the preceding...

Oracle Linux 10 : .NET / 8.0 (ELSA-2026-8470)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8470 advisory. 8.0.126-1.0.1 - Add support for Oracle Linux 8.0.126-1 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163417 Tenable has extracted t...

Oracle Linux 10 : kea (ELSA-2026-7342)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-7342 advisory. 3.0.1-3 - Fixes CVE-2026-3608 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Oracle Linux 10 : libarchive (ELSA-2026-8492)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-8492 advisory. - Resolves: CVE-2026-4424 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

Oracle Linux 10 : freerdp (ELSA-2026-8458)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8458 advisory. - Update CLEARVBARENTRY size after alloc CVE-2026-33984 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 10 : nodejs24 (ELSA-2026-7675)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7675 advisory. 1:24.14.1-2.0.1 - Update upstream references 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 Tenable has...

Oracle Linux 10 : vim (ELSA-2026-7711)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7711 advisory. - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob function - RHEL-155409 CVE-2026-28421 vim: Vim: Denial o...

Oracle Linux 10 : fontforge (ELSA-2026-6631)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-6631 advisory. 20230101-15 - Resolves: RHEL-138129 CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability Tenable has extracted the preceding description block...