Oracle Linux 9 : redis (ELSA-2025-7438)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7438 advisory. 6.2.18-1 - rebase to 6.2.18 for CVE-2025-21605 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Photon OS 5.0: Python3 PHSA-2025-5.0-0500

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0500. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: libxslt (CVE-2024-55549)

The version of libxslt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-55549 advisory. - xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result...

Azure Linux 3.0 Security Update: expat / python3 (CVE-2024-45490)

The version of expat / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45490 advisory. - An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for...

Photon OS 5.0: Openssl PHSA-2025-5.0-0480

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0480. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Emacs PHSA-2025-4.0-0758

An update of the emacs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0758. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

ClickHouse < 18.12.13

The version of ClickHouse installed on the remote host is prior to 18.12.13. It is, therefore, affected by an arbitrary file read vulnerability, In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages. Note tha...

Fedora 41 : java-11-openjdk (2025-e6f20785e3)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e6f20785e3 advisory. January CPU 2025 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

Photon OS 4.0: Postgresql13 PHSA-2024-4.0-0720

An update of the postgresql13 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0720. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Oracle Linux 9 : openexr (ELSA-2024-8800)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8800 advisory. 3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

NewStart CGSL MAIN 6.02 : libsolv Vulnerability (NS-SA-2024-0067)

The remote NewStart CGSL host, running version MAIN 6.02, has libsolv packages installed that are affected by a vulnerability: - A flaw was found in libsolv. A buffer overflow vulnerability could cause a denial of service. The highest threat from this vulnerability is to system availability...

Oracle Linux 8 : grafana (ELSA-2024-5291)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5291 advisory. 9.2.10-17 - Allow for mssql datasource in selinux policy - Resolves RHEL-43435 Tenable has extracted the preceding description block directly from the...

Dell iDRAC Service Module < 5.3.1.0 Multiple Vulnerabilities

Dell iDRAC Service Module version 5.3.0.0 and prior, contains multiple Out-of-bound Write Vulnerabilities. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event. Note that Nessus has not tested for this issue but has instead relied only on the...

Photon OS 5.0: Libssh PHSA-2024-5.0-0187

An update of the libssh package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: grpc / python-gevent (CVE-2020-22217)

The version of grpc / python-gevent installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-22217 advisory. - Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply i...

RHEL 9 : exfatprogs (RHSA-2024:2437)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2437 advisory. The exfatprogs package contains utilities for formatting and repairing exFAT filesystems. Security Fixes: exfatprogs: exfatprogs allows out-of-bounds...

Fedora 40 : rclone (2023-ff1e594f3d)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ff1e594f3d advisory. Automatic update for rclone-1.64.0-1.fc40. Changelog Thu Oct 12 2023 Mikel Olasagasti Uranga - 1.64.0-1 - Update to 1.64.0 - Closes rhbz2238581...

RHEL 8 : container-tools:4.0 (RHSA-2024:2084)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2084 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: full...

Fedora 38 : rust-routinator (2024-28a151028a)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-28a151028a advisory. from changelog: Fix the RTR listener so that Routinator wont exit if an incoming RTR connection is closed again too quickly. 937, reported by Yohei Nishimura...

Fedora 38 : dotnet6.0 (2024-b0e165ded6)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b0e165ded6 advisory. This is the February 2024 security update for .NET 6 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...