Oracle Linux 7 : sudo (ELSA-2025-10871)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10871 advisory. 1.8.23-10.0.1.3 - CVE-2025-32462 sudo: LPE via host option Orabug: 38187299 Tenable has extracted the preceding description block directly from the Oracle Linu...

Oracle Linux 10 : kernel (ELSA-2025-11428)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11428 advisory. 6.12.0-55.22.1.0.10.OL10 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Add new Oracle Linux Driver Signing key 1 certificate...

Oracle Linux 9 : kernel (ELSA-2025-11411)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11411 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error CKI Backport Bot RHEL-101327 CVE-2025-38089 - media: uvcvideo: Remove dangling...

Oracle Linux 10 : git (ELSA-2025-11533)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11533 advisory. 2.47.3-1 - update to 2.47.3 - Resolves: RHEL-102437, RHEL-102451, RHEL-102673, RHEL-102679 Tenable has extracted the preceding description block...

Oracle Linux 9 : redis (ELSA-2025-11453)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11453 advisory. - rebase to 6.2.19 for CVE-2025-32023 and CVE-2025-48367 - rebase to 6.2.18 for CVE-2025-21605 -- rebase to 6.2.17 for CVE-2024-46981 Tenable has...

Oracle Linux 9 : fence-agents (ELSA-2025-11463)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11463 advisory. - bundled setuptools: fix CVE-2025-47273 Resolves: RHEL-95903 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : git (ELSA-2025-11462)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11462 advisory. 2.47.3-1 - update to 2.47.3 - Resolves: RHEL-102449, RHEL-102463, RHEL-102675, RHEL-102681 Tenable has extracted the preceding description block...

Oracle Linux 8 : kernel (ELSA-2025-11455)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11455 advisory. - tcp/dccp: Don't use timerpending in reqskqueueunlink. Guillaume Nault RHEL-66324 CVE-2024-50154 - net: ch9200: fix uninitialised access during...

Oracle Linux 8 : cloud-init (ELSA-2025-11324)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-11324 advisory. 23.4-7.0.2.el810.10 - Fixes regression in cloud-init with module ccwritefilesdeferred Orabug: 37382965 - Update IPv6 IMDS endpoint to ULA and drop NIC identifi...

Oracle Linux 8 : git (ELSA-2025-11534)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11534 advisory. 2.43.7-1 - update to 2.43.7 - Resolves: RHEL-102440, RHEL-102454, RHEL-102674, RHEL-102680 Tenable has extracted the preceding description block...

Oracle Linux 10 : valkey (ELSA-2025-11401)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11401 advisory. - update to 8.0.4 fixes CVE-2025-27151 CVE-2025-48367 and CVE-2025-32023 Tenable has extracted the preceding description block directly from the Orac...

kernel security update

5.14.0-570.28.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 9 : avahi (ELSA-2025-11402)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11402 advisory. 0.8-22.1 - Fix CVE-2024-52615 RHEL-94847 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

kernel security update

4.18.0-553.63.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20480)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20480 advisory. - sunrpc: handle SVCGARBAGE during svc auth processing as auth error Jeff Layton Orabug: 38178286 CVE-2025-38089 - Add Zen34 clients Borislav...

PT-2025-30006

Name of the Vulnerable Software and Affected Versions Tutorials-Website Employee Management System versions prior to 611887d8f8375271ce8abc704507d46340837a60 Description A flaw exists in the Tutorials-Website Employee Management System that allows for improper authorization. The issue is located ...

Oracle Linux 8 : tomcat (ELSA-2025-11333)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11333 advisory. - Resolves: RHEL-91761 tomcat: DoS via malformed HTTP/2 PRIORITYUPDATE frame CVE-2025-31650 Tenable has extracted the preceding description block...

Oracle Linux 8 : kernel (ELSA-2025-11298)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11298 advisory. - misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram CKI Backport Bot RHEL-100343 CVE-2022-49788 - media: uvcvideo: Remove dangling pointers...

Oracle Linux 8 : glib2 (ELSA-2025-11327)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11327 advisory. - Add patches for CVE-2024-34397, CVE-2024-52533, CVE-2025-4373 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 9 : cloud-init (ELSA-2025-10848)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-10848 advisory. - Resolves: RHEL-100611 CVE-2024-6174 cloud-init: From CVEorg collector rhel-9.6.z Tenable has extracted the preceding description block directly from the Orac...