SUSE SLES16 Security Update : python-aiohttp (SUSE-SU-2026:22173-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22173-1 advisory. This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denia...

SUSE SLES15: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:2614-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2614-1 advisory. - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in...

RockyLinux 9 : tigervnc (RLSA-2026:29844)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:29844 advisory. xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch...

AlmaLinux 10 : skopeo (ALSA-2026:29035)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:29035 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient...

AlmaLinux 9 : python3.14-urllib3 (ALSA-2026:28157)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:28157 advisory. urllib3: urllib3: Denial of Service due to excessive HTTP response decompression CVE-2026-44432 urllib3: urllib3: Information disclosure via cross-origin...

Fedora 43 : docker-buildx (2026-3cca6f41d4)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3cca6f41d4 advisory. - Update to release v0.35.0 - Resolves: rhbz2487819 - Resolves CVE-2026-39828: rhbz2489918, rhbz2490102 - Upstream enhancements, new features, and...

SUSE SLES16 Security Update : python-PyJWT (SUSE-SU-2026:22170-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22170-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments directly to...

SUSE SLES15: xen / xen-devel / xen-libs / xen-tools / xen-tools-domU / etc (SUSE-SU-2026:2613-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2613-1 advisory. This update for xen fixes the following issues - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. - CVE-2026-42487:...

SUSE SLES12 Security Update : tar (SUSE-SU-2026:2615-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2615-1 advisory. Upgrade tar to version 1.34 jscPED-16073. Security issues fixed: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives...

Fedora 43 : python-jupyter-server (2026-9536c7cb79)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9536c7cb79 advisory. New version of jupyter-server fixing various security vulnerabilities. Tenable has extracted the preceding description block directly from the Fedor...

Oracle Linux 9 : bind (ELSA-2026-24367)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24367 advisory. - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946 Tenable has extracted the preceding description block direct...

AlmaLinux 9 : nginx:1.24 (ALSA-2026:28212)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28212 advisory. nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 Tenable has extracted the preceding description block directly from the AlmaLinux...

SUSE SLES15: libopenvswitch-3_1-0 / libovn-23_03-0 / openvswitch / etc (SUSE-SU-2026:2475-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2475-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...

RHEL 8 : postgresql:12 (RHSA-2026:29815)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:29815 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system accou...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : NSD vulnerabilities (USN-8474-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8474-1 advisory. It was discovered that NSD incorrectly handled APL resource records with an address length...

SUSE SLES16 Security Update : libjxl (SUSE-SU-2026:22174-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22174-1 advisory. This update for libjxl fixes the following issue - CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to...

SUSE SLES15: docker-stable / docker-stable-bash-completion / etc (SUSE-SU-2026:2579-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2579-1 advisory. - CVE-2026-33997: Fixed privilege validation bypass during plugin bsc1265907. - CVE-2026-34040: Fixed Authz zero length regression...

Oracle Linux 9 : mysql (ELSA-2026-23332)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-23332 advisory. 8.0.46-1 - Rebase to 8.0.46 8.0.45-2 - Revert to soft static allocation of MariaDB and MySQL sysusers.d files Tenable has extracted the preceding...

SUSE SLES12 Security Update : libzypp (SUSE-SU-2026:2628-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2628-1 advisory. This update for libzypp fixes the following issue - CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten...

Debian dla-4649 : libdbi-perl - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4649 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4649-1 [email protected]...