NewStart CGSL MAIN 7.02 : containerd Vulnerability (NS-SA-2025-0134)

The remote NewStart CGSL host, running version MAIN 7.02, has containerd packages installed that are affected by a vulnerability: - containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set a...

CBL Mariner 2.0 Security Update: libsoup (CVE-2025-32909)

The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32909 advisory. - A flaw was found in libsoup. SoupContentSniffer May be vulnerable to a NULL pointer dereference in the...

Fedora 42 : thunderbird (2025-a52491bdd9)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a52491bdd9 advisory. Update to 128.11.0 https://www.thunderbird.net/en-US/thunderbird/128.11.0esr/releasenotes/...

Fedora 42 : python-pycares (2025-31830e02b0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-31830e02b0 advisory. 4.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but ha...

TencentOS Server 3: libxml2 (TSSA-2025:0238)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0238 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Fedora 42 : mod_security (2025-7faa0bc6e5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-7faa0bc6e5 advisory. This update includes modsecurity version 2.9.9 which addresses CVE-2025-47947 and includes various bug fixes. See...

Fedora 41 : thunderbird (2025-5bf1989d48)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5bf1989d48 advisory. Update to 128.11.0 https://www.thunderbird.net/en-US/thunderbird/128.11.0esr/releasenotes/...

Amazon Linux 2 : yelp-xsl (ALAS-2025-2861)

The version of yelp-xsl installed on the remote host is prior to 3.28.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2861 advisory. A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerabili...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2025-138-01)

The version of mozilla-firefox installed on the remote host is prior to 128.10.1esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-138-01 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...

CentOS 9 : kernel-5.14.0-583.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-583.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @blockclass's subsystem refcount leakage...

Fedora 41 : digikam (2025-5bbbb2df79)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-5bbbb2df79 advisory. update internal Libraw to 2025/03/17 snapshot Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Moodle 3.11.x < 3.11.16 phpCAS Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23, 3.11.x prior to 3.11.16 or 4.0.x prior to 4.0.10. The phpCAS library included with Moodle has been upgraded to version 1.6.0, which includes a fix for a serious security issue. Note that the...

Oracle Linux 8 : mysql:8.0 (ELSA-2025-1673)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-1673 advisory. mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo -...

FreeBSD : chromium -- multiple security fixes (f572b9d1-ef6d-11ef-85f3-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f572b9d1-ef6d-11ef-85f3-a8a1599412c6 advisory. Chrome Releases reports: This update includes 4 security fixes: Tenable has extracted the...

FreeBSD : chromium -- multiple security fixes (b09d0b3b-ef6d-11ef-85f3-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b09d0b3b-ef6d-11ef-85f3-a8a1599412c6 advisory. Chrome Releases reports: This update includes 12 security fixes: Tenable has extracted the...

Azure Linux 3.0 Security Update: nodejs / nodejs18 / reaper (CVE-2023-42282)

The version of nodejs / nodejs18 / reaper installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-42282 advisory. - The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses such ...

Azure Linux 3.0 Security Update: hdf5 (CVE-2024-32621)

The version of hdf5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32621 advisory. - HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HGread in H5HG.c called from...

Fedora 41 : golang-github-nvidia-container-toolkit (2025-a15b07073f)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a15b07073f advisory. Update to 1.17.3 Fixes CVE-2024-0134 or GHSA-7jm9-xpwx-v999 Fixes CVE-2024-0135 or GHSA-9v84-cc9j-pxr6, CVE-2024-0136 or GHSA-vcfp-63cx-4h59, and...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-47748)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47748 advisory. - In the Linux kernel, the following vulnerability has been resolved: vhostvdpa: assign irq bypass producer...

EulerOS 2.0 SP12 : lua (EulerOS-SA-2024-2954)

According to the versions of the lua package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31.CVE-2020-24370...