Linux Distros Unpatched Vulnerability : CVE-2015-3233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishin...

Oracle Linux 7 : kernel (ELSA-2025-11358)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11358 advisory. - net: atlantic: fix aqvec index out of range error Chia-Lin Kao CVE-2022-50066 Orabug: 38201271 Tenable has extracted the preceding description block...

SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP6) (SUSE-SU-2025:02673-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02673-1 advisory. This update for the Linux Kernel 6.4.0-1506002333 fixes several issues. The following security issues were fixed: - CVE-2024-56664: bpf,...

Linux Distros Unpatched Vulnerability : CVE-2022-49765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/9p: use a dedicated spinlock for transfd Shamelessly copying the explanation from Tetsuo Handa's suggested patch1 slightly reworded: syzbot is reporting...

Linux Distros Unpatched Vulnerability : CVE-2025-38430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have...

Linux Distros Unpatched Vulnerability : CVE-2024-10465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A clipboard paste button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4...

Oracle Linux 9 : ncurses (ELSA-2025-12876)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12876 advisory. 6.2-10.20210508.el96.2 - remove execute permissions from ANNOUNCE file RHEL-102738 6.2-10.20210508.el96.1 - guard against corrupt terminfo data in string...

Linux Distros Unpatched Vulnerability : CVE-2021-46980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4 commit 4dbc6a4ef06d usb:...

Linux Distros Unpatched Vulnerability : CVE-2025-37942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: pidff: Make sure to fetch pool before checking SIMULTANEOUSMAX As noted by Anssi some 20 years ago, pool report is sometimes messed up. This worked fine on...

Amazon Linux 2023 : libnvidia-cfg, libnvidia-ml, nvidia-driver-cuda (ALAS2023NVIDIA-2025-144)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-144 advisory. NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A...

Linux Distros Unpatched Vulnerability : CVE-2021-2215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.23 and prior. Easily...

Linux Distros Unpatched Vulnerability : CVE-2021-30640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the...

Oracle Linux 7 : python3-setuptools (ELSA-2025-11607)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-11607 advisory. 39.2.0-10.0.5 - Back port fix for CVE-2025-47273 Orabug: 38229296 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rav1e (SUSE-SU-2025:02586-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02586-1 advisory. - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243855 Tenable has...

Photon OS 4.0: Linux PHSA-2025-4.0-0840

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0840. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

USN-7683-2 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Network traffic control; CVE-2025-38083, CVE-2024-50073...

Azure Linux 3.0 Security Update: protobuf (CVE-2025-4565)

The version of protobuf installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-4565 advisory. - Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

nodejs:22 security update

An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...

python-jinja2 security update

An update is available for python-jinja2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...