Oracle Linux 9 : python-kdcproxy (ELSA-2025-21139)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-21139 advisory. - Use DNS discovery for declared realms only CVE-2025-59088 Resolves: RHEL-122779 Tenable has extracted the preceding description block directly from...

Oracle Linux 9 : openssl (ELSA-2025-21255)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21255 advisory. 3.5.1-4.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream...

Oracle Linux 10 : ELSA-2025-20478-0: / zziplib (ELSA-2025-204780)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-204780 advisory. 0.13.78-2 - Fix directory traversal in unzip binary - Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github...

Oracle Linux 10 : ELSA-2025-20126-0: / openssh (ELSA-2025-201260)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201260 advisory. - CVE-2025-32728: Fix logic error in DisableForwarding option Resolves: RHEL-86819 Tenable has extracted the preceding description block directly from the...

Oracle Linux 10 : ELSA-2025-20181-0: / pam (ELSA-2025-201810)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201810 advisory. 1.6.1-8 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-101174 Tenable has extracted the preceding description block...

Oracle Linux 9 : vim (ELSA-2025-20945)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20945 advisory. - RHEL-112005 CVE-2025-53905 vim: Vim path traversial Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : kernel (ELSA-2025-22405)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22405 advisory. - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. Antoine Tenart RHEL-120668 CVE-2025-39955 - Bluetooth: MGMT: fix crash in setmeshsync and...

Oracle Linux 9 : webkit2gtk3 (ELSA-2025-20922)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20922 advisory. 2.50.1-1 - Update to 2.50.1 2.50.0-1 - Update to 2.50.0 2.48.5-1 - Update to 2.48.5 2.48.3-1 - Update to 2.48.3 2.48.2-1 - Update to 2.48.2 - Reenable...

Oracle Linux 9 : kernel (ELSA-2025-21926)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21926 advisory. - mm: slub: avoid wake up kswapd in settrackprepare Audra Mitchell RHEL-125521 CVE-2025-39843 - slub: Reflow slaballoc Audra Mitchell RHEL-125521 CVE-2025-3984...

Oracle Linux 9 : squid (ELSA-2025-20935)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-20935 advisory. - Resolves: RHEL-122492 - squid: Squid vulnerable to information disclosure via authentication credential leakage in error handling CVE-2025-62168 Tenable has...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-28026)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28026 advisory. 5.4.17-2136.349.3.2 - crypto: essiv - Check ssize for decryption and in-place encryption Herbert Xu Orabug: 38705546 CVE-2025-40019 Tenable has extracted t...

Oracle Linux 9 : qt5-qt3d (ELSA-2025-20963)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20963 advisory. 5.15.9-2.1 - Assimp: Fix heap-based overflow in Q3DLoader::InternReadFile Resolves: RHEL-120986 Tenable has extracted the preceding description block directly...

Oracle Linux 9 : podman (ELSA-2025-20909)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20909 advisory. - fixes 'CVE-2025-9566 podman: Podman kube play command may overwrite host files rhel-9.7' Tenable has extracted the preceding description block...

Oracle Linux 10 : ELSA-2025-20155-0: / binutils (ELSA-2025-201550)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201550 advisory. - Remove workaround for CVE-2025-5702. RHEL-100159 - Add fix for CVE-2025-5244. RHEL-100417 - USe correct fix for CVE-2025-5702. RHEL-100159 Tenable has...

Oracle Linux 9 : bind (ELSA-2025-21110)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21110 advisory. - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778 Tenable has extracted the preceding...

Oracle Linux 9 : bind9.18 (ELSA-2025-21111)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21111 advisory. - Fix upstream reported regression in recent CVE fix CVE-2025-8677 - Refuse malformed DNSKEY records CVE-2025-8677 - Address various spoofing attacks...

Oracle Linux 9 : libxml2 (ELSA-2025-22376)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22376 advisory. 2.9.13-14 - Rebuilt for the correct target in RHEL 9.7-z RHEL-119283 2.9.13-13 - Fix CVE-2025-9714 RHEL-119283 Tenable has extracted the preceding description...

Oracle Linux 10 : glibc (ELSA-2025-28003)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-28003 advisory. 2.39-58.0.1 - Forward port Oracle changes to 2.39-58. - Reviewed-by: Jose E. Marchesi Oracle history: August-29-2025 Cupertino Miranda - 2.39-54.0.1 - Forward...

Oracle Linux 8 : firefox (ELSA-2025-22363)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-22363 advisory. 140.5.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.5.0 - Add debranding patches Mustafa Gezen - Add OpenELA default...

Oracle Linux 7 : libtiff (ELSA-2025-21407)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21407 advisory. - fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716 - fix CVE-2025-8177: buffer overflow thumbnail...