RLSA-2026:1374 Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Denial Of Service (DoS)

Protobuf is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to bypassed recursion depth limits when parsing nested Any messages, where missing depth accounting in the ParseDict logic allows deeply nested inputs to exhaust the Python recursion stack and trigger a RecursionError...

SUSE CVE-2026-24408

sigstore-python is a Python tool for generating and verifying Sigstore signatures. Prior to version 4.2.0, the sigstore-python OAuth authentication flow is susceptible to Cross-Site Request Forgery. OAuthSession creates a unique "state" and sends it as a parameter in the authentication request bu...

SUSE CVE-2026-24486

Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting...

PT-2026-5133

Name of the Vulnerable Software and Affected Versions Amidaware Inc Tactical RMM versions prior to 1.3.2 Description A remote attacker can execute arbitrary code through the /api/tacticalrmm/apiv3/views.py component. Recommendations Update to a version later than 1.3.1...

CVE-2025-69517

An HTML injection vulnerability in Amidaware Inc Tactical RMM v1.3.1 and earlier allows authenticated users to inject arbitrary HTML content during the creation of a new agent via the POST /api/v3/newagent/ endpoint. The agentid parameter accepts up to 255 characters and is improperly sanitized...

python3.9 security update

3.9.25-3.0.1 - Remove upstream URL reference 3.9.25-3 - Security fix for CVE-2025-12084 Resolves: RHEL-135897...

OPENSUSE-SU-2026:10109-1 python311-sse-starlette-3.2.0-1.1 on GA media

These are all security issues fixed in the python311-sse-starlette-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE SLES12 Security Update : python-pyasn1 (SUSE-SU-2026:0300-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0300-1 advisory. - CVE-2026-23490: Fixed malformed RELATIVE-OID with excessive continuation octets leading to Denial of Service bsc1256902 Tenable has extracted the...

Oracle Linux 8 : python3.11 (ELSA-2026-1374)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1374 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-140992 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLES15 Security Update : python311 (SUSE-SU-2026:0299-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0299-1 advisory. - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. - CVE-2025-13836: prevent reading an HTTP respon...

ALSA-2026:1478 Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

NewStart CGSL MAIN 6.06 : python3_11 Vulnerability (NS-SA-2025-0241)

The remote NewStart CGSL host, running version MAIN 6.06, has python311 packages installed that are affected by a vulnerability: - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as globally reachable or private. This affected the...

Oracle Linux 9 : python3.12 (ELSA-2026-1408)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1408 advisory. - Security fix for CVE-2025-13836 Resolves: RHEL-141026 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RockyLinux 9 : python3.12 (RLSA-2026:1408)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1408 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...

RockyLinux 8 : python3.11 (RLSA-2026:1374)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1374 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...

RockyLinux 9 : python3.11 (RLSA-2026:1410)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1410 advisory. cpython: Excessive read buffering DoS in http.client CVE-2025-13836 cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of...

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Mageia: Security Advisory (MGASA-2026-0020)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-4458 : python-django-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4458 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4458-1 [email protected]...