Oracle Linux 9 : doxygen (ELSA-2025-1329)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1329 advisory. 1:1.9.1-12 - Resolves: RHEL-78146, CVE-2020-11023, CVE-2020-11022 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Mageia: Security Advisory (MGASA-2025-0067)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2025-0065)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-1364

CVE-2025-1364 details a stack-based buffer overflow in the USB Protection Service's passPrompt function in MicroWord eScan Antivirus 7.0.32 on Linux. The flaw allows a local attacker to trigger exploitation on the host; the exploit has been publicly disclosed and vendor response is unavailable. A...

Azure Linux 3.0 Security Update: docker-buildx / docker-compose / moby-compose / moby-engine (CVE-2024-23650)

The version of docker-buildx / docker-compose / moby-compose / moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23650 advisory. - BuildKit is a toolkit for converting source code to bui...

Azure Linux 3.0 Security Update: rabbitmq-server (CVE-2023-50966)

The version of rabbitmq-server installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50966 advisory. - erlang-jose aka JOSE for Erlang and Elixir through 1.11.6 allow attackers to cause a denial of...

Azure Linux 3.0 Security Update: sriov-network-device-plugin / vitess (CVE-2024-45339)

The version of sriov-network-device-plugin / vitess installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45339 advisory. - When logs are written to a widely-writable directory the default, an...

doxygen security update

An update is available for doxygen. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Doxygen can generate an online class browser in HTML and/or a reference manua...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2025:0430-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0430-1 advisory. - CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation bsc1236136. Tenable has...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2025:0431-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0431-1 advisory. - CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le bsc1236801. - CVE-2025-22867:...

SUSE SLES15 Security Update : kernel (Live Patch 22 for SLE 15 SP4) (SUSE-SU-2025:0455-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0455-1 advisory. This update for the Linux Kernel 5.14.21-15040024103 fixes several issues. The following security issues were fixed: - CVE-2024-45016: netem: f...

Azure Linux 3.0 Security Update: python3 (CVE-2024-6923)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6923 advisory. - There is a MEDIUM severity vulnerability affecting CPython. The email module didn't properly quote newlines...

Ubuntu: Security Advisory (USN-7262-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50019)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50019 advisory. - In the Linux kernel, the following vulnerability has been resolved: kthread: unpark only parked kthread...

Azure Linux 3.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl (CVE-2022-4304)

The version of cloud-hypervisor / edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4304 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption...

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins (CVE-2024-45338)

The version of application-gateway-kubernetes-ingress / cert-manager / cf-cli / cni / cni-plugins installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45338 advisory. - An attacker can craft an input t...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-36009)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36009 advisory. - In the Linux kernel, the following vulnerability has been resolved: ax25: Fix netdev refcount issue...

Azure Linux 3.0 Security Update: kernel (CVE-2024-43854)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43854 advisory. - In the Linux kernel, the following vulnerability has been resolved: block: initialize integrity buffer to ze...

Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-23916)

The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-23916 advisory. - An allocation of resources without limits or throttling vulnerability exis...