MiracleLinux 3 : perl-5.8.8-10.3.1AXS3 (AXSA:2008-74:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-74:01 advisory. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl's regular expression...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001672 advisory. A time-of-check to time-of-use issue exists in iouring subsystem's IORINGOPCLOSE operation in the Linux kernel's versions 5.6 - 5.11 inclusive, which allows a local...

libsoup security update

2.72.0-12.3 - Fix patch for CVE-2025-14523 to handle comparison case-insensitively 2.72.0-12.2 - Backport patch for CVE-2025-14523 2.72.0-12.1 - Backport patch for CVE-2025-4945 and CVE-2025-11021...

Fedora 42 : python-pdfminer (2026-4686d11563)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4686d11563 advisory. Backport fix for CVE-2025-64512 / GHSA-wf5f-4jwr-ppcp Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

Fedora: Security Advisory (FEDORA-2025-be2f64c384)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : python-pdfminer (2025-453047be66)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-453047be66 advisory. Backport security fix for GHSA-wf5f-4jwr-ppcp / CVE-2025-64512 Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 42 : mingw-poppler (2025-591ef9306a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-591ef9306a advisory. Backport fix for CVE-2025.52885. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 41 : mbedtls (2025-fe7ea8bbdd)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-fe7ea8bbdd advisory. Backport CVE fixes from 3.6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

libsoup security update

2.72.0-10.3 - Backport patch for CVE-2025-4945 and CVE-2025-11021 2.72.0-10.2 - Backport patches for various CVEs Resolves: RHEL-85888 Resolves: RHEL-87081 Resolves: RHEL-88332 Resolves: RHEL-92285 2.72.0-10.1 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85906...

Fedora 43 : mingw-qt5-qtsvg / mingw-qt6-qtsvg (2025-f11955cbd4)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-f11955cbd4 advisory. Backport fix for CVE-2025-10729. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 42 : mingw-binutils (2025-10c80b93e9)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-10c80b93e9 advisory. Backport fixes for CVE-2025-11082, CVE-2025-11083, CVE-2025-11494, CVE-2025-11495. Tenable has extracted the preceding description block directly fr...

alloy-dyn-abi has DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

Impact An uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services may be particularly impacted. If in use, external auto-restarting mechanisms can...

CVE-2025-62370

CVE-2025-62370 affects Alloy Core libraries at the root of the Rust Ethereum ecosystem, specifically the alloy-dyn-abi::TypedData hashing path. A DoS could result from an uncaught panic triggered by malformed input to TypedData, enabling denial-of-service via eip712_signing_hash(). The issue exis...

Fedora 42 : mingw-poppler (2025-15b4c6bad6)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-15b4c6bad6 advisory. Backport fix for CVE-2025-43718. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: git (UTSA-2025-986160)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986160 advisory. Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subjec...

CVE-2025-10537

Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

kernel security update

5.14.0-570.44.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...

Oracle Linux 8 : postgresql:12 (ELSA-2025-15115)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15115 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 12.22-5 - Fix previous Backport 12.22-4 - Backport CVE-2025-8715 Tenable has extracted the preceding...

Oracle Linux 7 : glibc (ELSA-2025-10219)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10219 advisory. 2.17-326.0.11.3 - Back port fix for CVE-2025-4802 Orabug: 38144086 Tenable has extracted the preceding description block directly from the Oracle Linux securit...

Linux Distros Unpatched Vulnerability : CVE-2022-24999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an proto...