Oracle Linux 9 : gimp (ELSA-2026-0914)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0914 advisory. - fix CVE-2025-14422 - fix CVE-2025-14423 - fix CVE-2025-14424 - fix CVE-2025-14425 - fix CVE-2025-10920 - fix CVE-2025-10921 - fix CVE-2025-10922 - fi...

kernel security update

6.12.0-124.28.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Oracle Linux 10 : brotli (ELSA-2026-0845)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0845 advisory. 1.1.0-7 - Resolves: RHEL-133984 CVE-2025-6176 Brotli decompression bomb DoS in scrapy Tenable has extracted the preceding description block directly from the...

Oracle Linux 9 : jmc (ELSA-2026-0752)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0752 advisory. 8.2.0-4 - Bump LZ4 Version to 1.10.2. Related: RHEL-135478 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...

Oracle Linux 9 : gpsd-minimal (ELSA-2026-0771)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0771 advisory. 1:3.26.1-1.0.1.el97.1 - Replaced upstream reference Orabug: 35865525 Tenable has extracted the preceding description block directly from the Oracle Lin...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50061)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50061 advisory. - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38855323 CVE-2025-40280 - vsock: Ignore signal/timeout on connect if...

Oracle Linux 8 : net-snmp (ELSA-2026-0750)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0750 advisory. 5.8-33.0.1 - fix error index value when snmpget is used a proxy pass Orabug: 34905643 1:5.8-33 - fix out of bound access RHEL-137501 - perl modern auth enableme...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50060)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50060 advisory. 6.12.0-107.59.3.3 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38858283 CVE-2025-40248 Tenable has extracted the...

Oracle Linux 8 : container-tools:ol8 (ELSA-2026-0753)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0753 advisory. - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS rhel-8.10.z' - rebuild...

Oracle Linux 8 : firefox (ELSA-2026-0667)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-0667 advisory. 140.7.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.7.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Oracle Linux 9 : firefox (ELSA-2026-0694)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0694 advisory. 140.7.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...

Oracle Linux 8 : gnupg2 (ELSA-2026-0728)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0728 advisory. 2.2.20-4 - Fix CVE-2025-68973 gpg.fail/memcpy Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : vsftpd (ELSA-2026-0608)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0608 advisory. - Fix CVE-2025-14242 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Oracle Linux 9 : transfig (ELSA-2026-0700)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0700 advisory. 1:3.2.7b-11 - Detect nan in spline control values - CVE-2025-46397 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : libpq (ELSA-2026-0695)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0695 advisory. 13.23-1 - Rebase to upstream release 13.23 - Resolves: RHEL-131269 CVE-2025-12818 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : gnupg2 (ELSA-2026-0719)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0719 advisory. 2.3.3-5 - Fix CVE-2025-68973 gpg.fail/memcpy Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Oracle Linux 8 : openssl (ELSA-2026-50008)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50008 advisory. - Backport fix for Out-of-bounds read & write in RFC 3211 KEK Unwrap Fix CVE-2025-9230 Resolves: RHEL-128613 Tenable has extracted the preceding description...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004788 advisory. A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector...

Oracle Linux 7 : firefox (ELSA-2026-0007)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-0007 advisory. - Update to 140.6.0 ESR Orabug: 38813993CVE-2025-14321CVE-2025-14322 CVE-2025-14323CVE-2025-14324CVE-2025-14325CVE-2025-14328...

Oracle Linux 8 : cups (ELSA-2026-0596)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0596 advisory. - RHEL-129729 CVE-2025-58436 cups: Slow client communication leads to a possible DoS attack Tenable has extracted the preceding description block...