RockyLinux 9 : rsync (RLSA-2026:19368)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19368 advisory. rsync: rsync server leaks arbitrary client files CVE-2024-12086 rsync: Rsync: Use-after-free vulnerability in extended attribute handling CVE-2026-41035...

RockyLinux 8 : osbuild-composer (RLSA-2026:3898)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3898 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

RHCOS 4 : OpenShift Container Platform 4.6.23 (RHSA-2021:0956)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0956 advisory. - golang: data race in certain net/http servers including ReverseProxy can lead to DoS CVE-2020-15586 - golang: ReadUvarint and...

RHCOS 4 : OpenShift Container Platform 4.17.52 (RHSA-2026:5866)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5866 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - crypto/x509: golang: Denial of Service due ...

RHEL 10 : python3.12 (RHSA-2026:10711)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10711 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

RHEL 9 : python3.12 (RHSA-2026:5399)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5399 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8861:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8861:01 advisory. net/http: Denial of service due to improper 100-continue handling in net/http CVE-2024-24791 go/parser: golang: Calling any of the Parse functions...

Oracle Linux 9 : postgresql:16 (ELSA-2026-0493)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0493 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

Fedora 42 : httpd (2025-f7c75ffee2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f7c75ffee2 advisory. - version update - security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Oracle Linux 8 : mysql:8.0 (ELSA-2025-23134)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23134 advisory. mecab mecab-ipadic mysql 8.0.44-1 - Rebase to MySQL 8.0.44 Tenable has extracted the preceding description block directly from the Oracle Linux securi...

GHSA-H7PC-V4HV-WJWM vulnerabilities

Vulnerabilities for packages: gitlab-operator-fips...

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2025-075 (ALASNITRO-ENCLAVES-2025-075)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-075 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function...

Fedora 42 : prometheus-podman-exporter (2025-b4003be6a2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b4003be6a2 advisory. release v1.19.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested fo...

Fedora 43 : firebird (2025-10462d0b3e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-10462d0b3e advisory. 4.0.6.3221 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for the...

Fedora 44 : containernetworking-plugins (2025-dd17908bcd)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-dd17908bcd advisory. Automatic update for containernetworking-plugins-1.8.0-2.fc44. Changelog Fri Sep 26 2025 Bradley G Smith - 1.8.0-2 - Resolve CVE-2025-47910 -...

Fedora 41 : yq (2025-d8a379a267)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d8a379a267 advisory. Add shell-completions ---- Update to 4.47.1 and adopt go-vendor-tools Tenable has extracted the preceding description block directly from the Fedora...

Oracle Linux 9 : postgresql:16 (ELSA-2025-14827)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14827 advisory. pgaudit pgrepack pgvector 0.6.2-2 - Enable Portable build - Resolves: RHEL-84405 postgres-decoderbufs postgresql 16.10-1 - Update to 16.10 Tenable has...

Amazon Linux 2 : kernel, --advisory ALAS2-2025-2968 (ALAS-2025-2968)

The version of kernel installed on the remote host is prior to 4.14.355-280.672. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2968 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2025-1866)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : kernel (ALSA-2025:11455)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:11455 advisory. kernel: tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 kernel: net: ch9200: fix uninitialised access during miinwayrestart...