[SECURITY] Fedora 41 Update: perl-Devel-Cover-1.44-6.fc41

This module provides code coverage metrics for Perl. Code coverage metrics describe how thoroughly tests exercise code. By using Devel::Cover you can discover areas of code not exercised by your tests and determine which tests to create to increase coverage. Code coverage can be considered as an...

HP LaserJet Pro Printers Information Disclosure (HPSBPI04040)

Certain HP LaserJet Pro print products is potentially vulnerable to information disclosure when a non-authenticated user queries a device’s local address book. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

[SECURITY] Fedora 42 Update: perl-Devel-Cover-1.44-6.fc42

This module provides code coverage metrics for Perl. Code coverage metrics describe how thoroughly tests exercise code. By using Devel::Cover you can discover areas of code not exercised by your tests and determine which tests to create to increase coverage. Code coverage can be considered as an...

Oracle Linux 9 : glibc (ELSA-2025-12748)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-12748 advisory. 2.34-168.0.1.23 - Forward-port Oracle patches for ol9-u6 Reviewed-by: Jose E. Marchesi Oracle history: Tenable has extracted the preceding description block...

[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-bad-free-1.24.10-3.fc41

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

[SECURITY] Fedora 42 Update: mingw-gstreamer1-plugins-bad-free-1.25.1-3.fc42

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

Mozilla Thunderbird < 139.0

The version of Thunderbird installed on the remote Windows host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-45 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21665)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21665 advisory. - In the Linux kernel, the following vulnerability has been resolved: filemap: avoid truncating 64-bit offset ...

Oracle Linux 9 : glibc (ELSA-2025-4244)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4244 advisory. 2.34-125.0.1.8 - Forward-port Oracle patches for ol9-u5 glibc-2.34-125.0.1.8 Reviewed by: David Faust Oracle history: Tenable has extracted the preceding...

Oracle Coherence (April 2025 CPU)

The version of Coherence installed on the remote host is affected by a vulnerability as referenced in the April 2025 CPU advisory. - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Third Party Netty. Supported versions that are affected are 12.2.1.4.0,...

Progress WhatsUp Gold < 24.0.3 Database Manipulation (CVE-2025-2572)

The version of Progress WhatsUp Gold installed on the remote host is prior to 24.0.3. It is, therefore, affected by a database manipulation vulnerability: - In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability allows an unauthenticated attacker to modify the...

Fedora 41 : cri-tools1.29 (2025-37c6639afe)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-37c6639afe advisory. - Resolve FTBFS - Resolves: rhbz2352149 - Adopt trivy for license detection to be consistent with cri- tools1.29..1.32 Tenable has extracted the preceding...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (7cb6642c-0c5a-11f0-8688-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7cb6642c-0c5a-11f0-8688-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 11 security bugs in Chromium: Tenable has...

389 Directory Server 代码问题漏洞

389 Directory Server is a highly available, fully functional, reliable and secure LDAP server implementation of 389 Directory Server open source. A code issue vulnerability exists in 389 Directory Server that stems from an untested return value from an ldap MODDN operation, which could result in ...

Linux Distros Unpatched Vulnerability : CVE-2017-14160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The barknoisehybridmp function in psy.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service out-of-bounds access and application...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47737)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47737 advisory. - In the Linux kernel, the following vulnerability has been resolved: nfsd: call cacheput if xdrreservespace...

Amazon Linux 2023 : jackson-databind (ALAS2023-2025-798)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-798 advisory. In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is...

[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-bad-free-1.24.10-1.fc41

GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested well enough, or the code is not of good enough quality...

Oracle Siebel Server <= 22.12 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: UI Framework CodeMirror. Supported versions that are affected are 22.12 and prior...

CVE-2024-41097 usb: atm: cxacru: fix endpoint checking in cxacru_bind()

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting quite an old issue 1 that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb sumbitting...