125 matches found
AlmaLinux 9 : python3.12 (ALSA-2026:1408)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1408 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...
AlmaLinux 10 : glibc (ALSA-2026:1334)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1334 advisory. glibc: Integer overflow in memalign leads to heap corruption CVE-2026-0861 glibc: glibc: Information disclosure via zero-valued network query CVE-2026-09...
AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2026:0932)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0932 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2026:0921)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0921 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding description...
AlmaLinux 10 : gpsd (ALSA-2026:0770)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0770 advisory. gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing CVE-2025-67269 gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds wri...
AlmaLinux 9 : jmc (ALSA-2026:0752)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:0752 advisory. lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing CVE-2025-66566 Tenable has extracted the preceding description block directly fr...
AlmaLinux 9 : buildah (ALSA-2026:0437)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0437 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the preceding...
AlmaLinux 9 : libpng (ALSA-2026:0238)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0238 advisory. libpng: LIBPNG buffer overflow CVE-2025-64720 libpng: LIBPNG heap buffer overflow CVE-2025-65018 libpng: LIBPNG out-of-bounds read in pngimagereadcomposit...
AlmaLinux 8 : mingw-libpng (ALSA-2026:0125)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0125 advisory. libpng: LIBPNG buffer overflow CVE-2025-64720 libpng: LIBPNG heap buffer overflow CVE-2025-65018 libpng: LIBPNG out-of-bounds read in pngimagereadcomposit...
OPENSUSE-SU-2026:20000-1 Security update for salt
This update for salt fixes the following issues: Changes in salt: - Add minimumauthversion to enforce security CVE-2025-62349 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 - Junos module yaml loader fix CVE-2025-62348 - Require Python dependencies onl...
AlmaLinux 10 : openssh (ALSA-2025:23479)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23479 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh://...
AlmaLinux 9 : php:8.3 (ALSA-2025:23309)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23309 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...
AlmaLinux 10 : skopeo (ALSA-2025:23294)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23294 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...
Important: opentelemetry-collector security update
Collector with the supported components for a AlmaLinux build of OpenTelemetry Security Fixes: github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation CVE-2025-68156 For more details about the security issues, including the impact, a CVSS score,...
AlmaLinux 9 : kernel (ALSA-2025:22865)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22865 advisory. kernel: can: j1939: implement NETDEVUNREGISTER notification handler CVE-2025-39925 kernel: net/mlx5: fs, fix UAF in flow counter release CVE-2025-39979...
AlmaLinux 8 : kernel (ALSA-2025:22801)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22801 advisory. kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in rxerequester...
AlmaLinux 8 : kernel-rt (ALSA-2025:22387)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22387 advisory. kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in rename2...
AlmaLinux 8 : gimp:2.8 (ALSA-2025:22417)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22417 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Writ...
AlmaLinux 9 : firefox (ALSA-2025:21280)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21280 advisory. firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox:...
AlmaLinux 10 : python-kdcproxy (ALSA-2025:21142)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:21142 advisory. python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...