Advisory ROSA-SA-2026-3151

Software: libsoup 2.62.3 OS: ROSA Virtualization 3.1 unaffected versions = libsoup-2.62.3-11.rv31 affected versions libsoup-2.62.3-11.rv31 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow durin...

Advisory ROSA-SA-2026-3148

Software: libpng 1.6.34 OS: ROSA Virtualization 3.1 unaffected versions = libpng-1.6.34-9.0.1.1.rv31 affected versions libpng-1.6.34-9.0.1.1.rv31 CVE-ID: CVE-2025-64720 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Read Outside Buffer Vulnerability in LIBPNG: The pngimagereadcomposite function incorrect...

SUSE: Security Advisory (SUSE-SU-2026:0460-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:0494-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0480-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : vim (2026-f4563b100f)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f4563b100f advisory. patchlevel 2146 Security fix for CVE-2026-25749 Tenable has extracted the preceding description block directly from the Fedora security advisory. No...

Oracle Linux 10 : golang (ELSA-2026-2706)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2706 advisory. 1.25.7-1 - Rebase to latest rhel-10-main 170a5b7e084 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CentOS 9 : vim-8.2.2637-25.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the vim-8.2.2637-25.el9 build changelog. - Heap Overflow in Vim CVE-2026-25749 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported...

Fedora 43 : python-aiohttp (2026-66cb8ecfc2)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-66cb8ecfc2 advisory. https://github.com/aio-libs/aiohttp/blob/v3.13.3/CHANGES.rst Tenable has extracted the preceding description block directly from the Fedora security advisory...

rPGP vulnerable to parser crash on crafted RSA secret key packets through CVE-2026-21895

Summary It was possible to trigger an unhandled edge case in the Rust Crypto rsa crate through rPGP packet parsing functionality, and crash the process that runs rPGP. This problem has been patched in a new rsa version. The new release of rPGP ensures a patched version of the rsa crate is in use,...

Debian: Security Advisory (DSA-6133-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : libssh (2026-53b80475c3)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-53b80475c3 advisory. New upstream release fixing several security issues Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Mageia: Security Advisory (MGASA-2026-0038)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : osslsigncode (2026-ab67a4d8b3)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ab67a4d8b3 advisory. See commit history Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

MiracleLinux 8 : git-lfs-3.4.1-7.el8_10 (AXSA:2026-164:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-164:01 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding...

Debian: Security Advisory (DLA-4477-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2026-7426

Name of the Vulnerable Software and Affected Versions Bridge versions 15.1.3 and 16.0.1 and earlier Description The software contains an out-of-bounds write issue that may allow for arbitrary code execution with the privileges of the current user. A user must open a specially crafted file to...

PT-2026-7303

Name of the Vulnerable Software and Affected Versions TDX versions prior to 1.5.24 Description An out-of-bounds read issue exists within the hypervisor component of TDX. A privileged adversary with a low complexity attack may be able to cause information disclosure. This issue may occur via local...

Fedora: Security Advisory (FEDORA-2026-792b1b7bbd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2026-7266

Name of the Vulnerable Software and Affected Versions Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS versions 1.0.5.10 through 10022026 Description The software contains an Improper Neutralization of Special Elements used in an SQL Command issue, specifically a SQL Injection...