.NET 10.0 security update

10.0.109-1.0.1 - Add support for Oracle Linux 10.0.109-1 - Update to .NET SDK 10.0.109 and Runtime 10.0.9 - Resolves: RHEL-181555 10.0.106-2 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163381 10.0.104-2 - Update to .NET SDK 10.0.104 and Runtime 10.0.4 - Resolves: RHEL-152949...

.NET 9.0 security update

9.0.118-1.0.1 - Add support for Oracle Linux 9.0.118-1 - Update to .NET SDK 9.0.118 and Runtime 9.0.17 - Resolves: RHEL-181550 9.0.116-2 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389 9.0.115-2 - Update to .NET SDK 9.0.115 and Runtime 9.0.14 - Resolves: RHEL-152941...

.NET 8.0 security update

8.0.128-1.0.1 - Add support for Oracle Linux 8.0.128-1 - Update to .NET SDK 8.0.128 and Runtime 8.0.28 - Resolves: RHEL-181052 8.0.126-2 - Update to .NET SDK 8.0.126 and Runtime 8.0.26 - Resolves: RHEL-163413 8.0.125-2 - Update to .NET SDK 8.0.125 and Runtime 8.0.25 - Resolves: RHEL-152929...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2026-9682)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9682 advisory. - Update to 8u492-b09 GA Orabug: 39247147CVE-2026-22007CVE-2026-22013 CVE-2026-22016CVE-2026-22018CVE-2026-22021CVE-2026-23865CVE-2026-34268 - Fixes...

Oracle Linux 8 : .NET / 8.0 (ELSA-2026-25110)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25110 advisory. 8.0.128-1.0.1 - Add support for Oracle Linux 8.0.128-1 - Update to .NET SDK 8.0.128 and Runtime 8.0.28 - Resolves: RHEL-181052 8.0.126-2 - Update to...

Oracle Linux 8 : poppler (ELSA-2026-24984)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-24984 advisory. - Fix integer overflow in tilingPatternFill CVE-2026-10118 Tenable has extracted the preceding description block directly from the Oracle Linux security...

DIG: Oracle-Guided Directed Input Generation for One-Day Vulnerabilities

One-day vulnerabilities pose significant risks due to delayed or incomplete patch adoption. Generating proof-of-concept PoC inputs is therefore essential for assessing real-world impact. The key challenge is identifying necessary constraints for triggering the vulnerability and solving them...

Oracle Linux 8 : .NET / 10.0 (ELSA-2026-25114)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25114 advisory. 10.0.109-1.0.1 - Add support for Oracle Linux 10.0.109-1 - Update to .NET SDK 10.0.109 and Runtime 10.0.9 - Resolves: RHEL-181555 10.0.106-2 - Update ...

Oracle Linux 8 : postgresql-jdbc (ELSA-2026-25030)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-25030 advisory. 42.2.14-4 - Limit SCRAM PBKDF2 iterations to prevent DoS via malicious server - Resolves: CVE-2026-42198 Tenable has extracted the preceding description block...

Oracle PeopleSoft Enterprise PeopleTools 访问控制错误漏洞

Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation for use with PeopleSoft applications, ensuring that it remains aligned with user needs and expectations. Versions 8.61 and 8.62 of Oracle PeopleSoft Enterprise PeopleTools contain access control vulnerabilitie...

Oracle Linux 7 : freerdp (ELSA-2026-11323)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-11323 advisory. - Fixed CVE-2026-22852 CVE-2026-22854 CVE-2026-22856 CVE-2026-23732 CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24679...

Oracle Linux 8 : .NET / 9.0 (ELSA-2026-25113)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25113 advisory. 9.0.118-1.0.1 - Add support for Oracle Linux 9.0.118-1 - Update to .NET SDK 9.0.118 and Runtime 9.0.17 - Resolves: RHEL-181550 9.0.116-2 - Update to...

Oracle Linux 7 : firefox (ELSA-2026-8427)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8427 advisory. - Update to 140.9.0 ESR Orabug: 39361657CVE-2026-4684CVE-2026-4685 CVE-2026-4686CVE-2026-4687CVE-2026-4688CVE-2026-4689CVE-2026-4690...

Oracle Linux 7 : firefox (ELSA-2026-3984)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3984 advisory. - Update to 140.8.0 ESR Orabug: 39361647CVE-2026-2447CVE-2026-2757 CVE-2026-2758CVE-2026-2759CVE-2026-2760CVE-2026-2761CVE-2026-2762...

Oracle Linux 7 : firefox (ELSA-2026-13977)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-13977 advisory. - Update to 140.9.1 ESR Orabug: 39324689CVE-2026-5731CVE-2026-5732 CVE-2026-5734CVE-2026-33416CVE-2026-33636 - Update to 140.9.0 ESR Orabug:...

CVE-2026-42768

A flaw was found in OpenSSL's CMSdecrypt and PKCS7decrypt functions. This vulnerability, a Bleichenbacher-style oracle, could allow a remote attacker to decrypt or sign messages using the victim's private RSA key. Exploitation requires the attacker to provide specially crafted CMS or S/MIME...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

mysql: JSON unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...