125 matches found
AlmaLinux 10 : podman (ALSA-2025:20983)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20983 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted...
AlmaLinux 10 : libsoup3 (ALSA-2025:21032)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21032 advisory. libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup CVE-2025-4945 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTT...
AlmaLinux 8 : kernel-rt (ALSA-2025:21397)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21397 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 Tenable has extracted the preceding description block directly from the...
AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:21232)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21232 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...
AlmaLinux 8 : idm:DL1 (ALSA-2025:21140)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21140 advisory. python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV CVE-2025-59088 python-kdcproxy: Remote DoS via unbounded TCP upstream buffering...
AlmaLinux 9 : vim (ALSA-2025:20945)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20945 advisory. vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 Tenable has extracted the preceding description block directly from the...
AlmaLinux 9 : redis (ALSA-2025:20926)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20926 advisory. redis: Lua library commands may lead to integer overflow and potential RCE CVE-2025-46817 Redis: Redis: Authenticated users can execute LUA scripts as a...
AlmaLinux 9 : kernel (ALSA-2025:19930)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19930 advisory. kernel: information leak via transient execution vulnerability in some AMD processors CVE-2024-36350 kernel: transient execution vulnerability in some AM...
Moderate: open-vm-tools bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section...
AlmaLinux 8 : tigervnc (ALSA-2025:19909)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:19909 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...
AlmaLinux 9 : .NET 9.0 (ALSA-2025:18151)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18151 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial of...
AlmaLinux 10 : .NET 8.0 (ALSA-2025:18152)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18152 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial o...
Moderate: java-1.8.0-openjdk security update
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Bug Fixes: Since the 8.8 release of AlmaLinuxand the 9.2...
AlmaLinux 8 : libssh (ALSA-2025:18286)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:18286 advisory. libssh: out-of-bounds read in sftphandle CVE-2025-5318 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...
AlmaLinux 8 : kernel (ALSA-2025:17397)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17397 advisory. kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730...
AlmaLinux 9 : kernel (ALSA-2025:17377)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17377 advisory. kernel: security/keys: fix slab-out-of-bounds in keytaskpermission CVE-2024-50301 kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB...
AlmaLinux 9 : iputils (ALSA-2025:17558)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:17558 advisory. iputils: iputils integer overflow CVE-2025-48964 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...
AlmaLinux 10 : podman (ALSA-2025:15901)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15901 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the AlmaLinux securit...
AlmaLinux 10 : grafana (ALSA-2025:8666)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8666 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fr...
AlmaLinux 10 : libxml2 (ALSA-2025:10630)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10630 advisory. libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Null pointer dereference leads to Denial of service DoS...