Debian dla-4650 : giflib-tools - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4650 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4650-1 [email protected]...

SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2026:2621-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2621-1 advisory. This update for openssl-11-livepatches fixes the following issues - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. Tenable has...

SUSE SLES15 Security Update : graphite2 (SUSE-SU-2026:2477-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2477-1 advisory. This update for graphite2 fixes the following issue: - CVE-2026-50593: Out-of-bounds write via Graphite actions bsc1267733. Tenable has...

AlmaLinux 8 : libpng (ALSA-2026:29898)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:29898 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 Tenable has extracted the preceding description block directly from th...

Debian dsa-6369 : pdns-recursor - security update

The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6369 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6369-1 [email protected] https://www.debian.org/securit...

Oracle Linux 9 : postgresql:16 (ELSA-2026-26203)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26203 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

RockyLinux 10 : nginx (RLSA-2026:29874)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:29874 advisory. nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 Tenable has extracted the preceding description block directly from the RockyLin...

Fedora 43 : openbao (2026-da7e499416)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-da7e499416 advisory. Update to upstream 2.5.5. Also fixes CVE-2026-55770, CVE-2026-55774, CVE-2026-55775, and CVE-2026-55776. Tenable has extracted the preceding...

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:22178-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22178-1 advisory. This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuratio...

Fedora 44 : tinyproxy (2026-efbe094630)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-efbe094630 advisory. Backport upstream fixes for CVE-2026-54387 and CVE-2026-54388. Tenable has extracted the preceding description block directly from the Fedora securi...

SUSE SLES15: libopenvswitch-3_1-0 / libovn-23_03-0 / openvswitch3 / etc (SUSE-SU-2026:2476-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2476-1 advisory. This update for openvswitch3 fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc126249...

SUSE SLES15: GraphicsMagick / GraphicsMagick-devel / libGraphicsMagick++-Q16-12 / etc (SUSE-SU-2026:2625-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:2625-1 advisory. This update for GraphicsMagick fixes the following issue - CVE-2026-46523: heap-use-after-free via a crafted MSL image bsc1268125. Tenable has extracte...

Oracle Linux 9 : libpng (ELSA-2026-28255)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-28255 advisory. - fix CVE-2026-33416: use-after-free via pointer aliasing in pngsettRNS and pngsetPLTE RHEL-161448 Tenable has extracted the preceding description blo...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : xrdp vulnerabilities (USN-8476-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8476-1 advisory. It was discovered that xrdp incorrectly handled bounds checking when processing user domain information durin...

SUSE SLES16: himmelblau / himmelblau-qr-greeter / himmelblau-sshd-config / etc (SUSE-SU-2026:22186-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22186-1 advisory. This update for himmelblau fixes the following issue - CVE-2026-45108: authentication bypass vulnerability in the Device Authorization Gran...

Fedora 44 : thunderbird (2026-cda0c20ce0)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cda0c20ce0 advisory. Update to latest upstream version Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

SUSE SLES16 Security Update : python-paramiko (SUSE-SU-2026:22192-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22192-1 advisory. This update for python-paramiko fixes the following issue - CVE-2026-44405: data integrity compromise due to allowed SHA-1 algorithm use...

SUSE SLES15 Security Update : bind (SUSE-SU-2026:2617-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2617-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...

Ubuntu 24.04 LTS / 25.10 : AMD Microcode vulnerabilities (USN-8475-1)

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8475-1 advisory. Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Kpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an...

SUSE SLES16 Security Update : python-aiohttp (SUSE-SU-2026:22173-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22173-1 advisory. This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denia...