Oracle Linux 9 : grafana (ELSA-2025-23087)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-23087 advisory. - Resolves RHEL-125692: CVE-2025-58183 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

Oracle Linux 10 : firefox (ELSA-2025-23035)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-23035 advisory. 140.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

Oracle Linux 10 : tomcat (ELSA-2025-23050)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23050 advisory. - Resolves: RHEL-124494 tomcat: Directory traversal via rewrite with possible RCE CVE-2025-55752 - Resolves: RHEL-91729 tomcat: Bypass of rules in...

Oracle Linux 9 : firefox (ELSA-2025-23034)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23034 advisory. 140.6.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Re...

Oracle Linux 10 : mysql8.4 (ELSA-2025-23008)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23008 advisory. 8.4.7-1 - Rebase to 8.4.7 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

Oracle Linux 7 : libsoup (ELSA-2025-21657)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21657 advisory. - Backport patch for CVE-2025-4945 and CVE-2025-11021 Orabug: 38664275 - Fixes CVE-2025-2784 CVE-2025-4948 CVE-2025-32049 Orabug: 38085184 -...

Oracle Linux 10 : tomcat9 (ELSA-2025-23052)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23052 advisory. - Resolves: RHEL-124497 tomcat: Directory traversal via rewrite with possible RCE CVE-2025-55752 Tenable has extracted the preceding description bloc...

Oracle Linux 8 : go-toolset:rhel8 (ELSA-2025-22668)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22668 advisory. delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related:...

kernel security update

4.18.0-553.89.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Oracle Linux 7 : sssd (ELSA-2025-19847)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-19847 advisory. 1.16.5-10.0.5.16 - krb5: disable Kerberos localauth an2ln plugin for AD/IPA Orabug: 38621159 Tenable has extracted the preceding description block directly fro...

Oracle Linux 8 : webkit2gtk3 (ELSA-2025-22789)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22789 advisory. 2.50.3-1 - Update to 2.50.3 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 10 : kernel (ELSA-2025-21931)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21931 advisory. - fs/smb: Fix inconsistent refcnt update Paulo Alcantara RHEL-124955 CVE-2025-39819 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. Antoine Tenart...

Oracle Linux 9 : webkit2gtk3 (ELSA-2025-22790)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22790 advisory. 2.50.3-1 - Update to 2.50.3 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 8 : abrt (ELSA-2025-22760)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22760 advisory. 2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 -...

Oracle Linux 10 : squid (ELSA-2025-21002)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-21002 advisory. - Resolves: RHEL-122480 - CVE-2025-62168 squid: Squid vulnerable to information disclosure via authentication credential leakage in error handling Tenable has...

Oracle Linux 10 : bind (ELSA-2025-21034)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21034 advisory. - Fix upstream reported regression in recent CVE fix CVE-2025-8677 - Refuse malformed DNSKEY records CVE-2025-8677 - Address various spoofing attacks...

Oracle Linux 10 : pcs (ELSA-2025-21036)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21036 advisory. 0.12.1-1.el101.1 - Fixed CVE-2025-59830, CVE-2025-61770, CVE-2025-61771, CVE-2025-61772, CVE-2025-61919 by updating bundled rubygem rack Resolves:...

Oracle Linux 10 : ipa (ELSA-2025-20994)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20994 advisory. 4.12.2-24.0.1.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 - Add bind to ipa-server-common Requires Orabug: 36518596 4.12.2-24.1 -...

Oracle Linux 10 : java-25-openjdk (ELSA-2025-21485)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21485 advisory. 1:25.0.1.0.8-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.1.0.8-2 - Remove superfluous backslashes that cause two alternative commands t...

Oracle Linux 10 : qt6-qtsvg (ELSA-2025-21037)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21037 advisory. 6.9.1-2.1 - Fix CVE-2025-10729: Prevent dangling pointers in SVG group node creation Resolves: RHEL-119699 Tenable has extracted the preceding description blo...