Oracle Linux 9 : glibc (ELSA-2025-4244)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4244 advisory. 2.34-125.0.1.8 - Forward-port Oracle patches for ol9-u5 glibc-2.34-125.0.1.8 Reviewed by: David Faust Oracle history: Tenable has extracted the preceding...

Amazon Linux 2023 : jackson-databind (ALAS2023-2025-798)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-798 advisory. In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is...

Oracle Siebel Server <= 22.12 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: UI Framework CodeMirror. Supported versions that are affected are 22.12 and prior...

CentOS 9 : swtpm-0.8.0-1.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the swtpm-0.8.0-1.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are...

Amazon Linux 2 : ipa (ALAS-2024-2457)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2457 advisory. A Cross-site request forgery vulnerability exists in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform...