The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7692 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7672 advisory.

    The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any     Free Desktop.

    Security Fix(es):

    * xdg-utils: improper parse of mailto URIs allows bypass of Thunderbird security mechanism for attachments     (CVE-2022-4055)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7694 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7693 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7689 advisory.

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7676 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages() (CVE-2024-47745)

    * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7683 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages() (CVE-2024-47745)

    * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7686 advisory.

    Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can     contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data     set. You can persist it either by dumping the data set to disk every once in a while, or by appending each     command to a log.

    Security Fix(es):

    * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated     client (CVE-2025-21605)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7732 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7652 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    * kernel: vsock: Keep the binding until socket destruction (CVE-2025-21756)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7630 advisory.

    New version of Discovery CLI (dsc) and installer are now available for RHEL 8 and RHEL 9 for Discovery     1.14.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7641 advisory.

    Git is a distributed revision control system with a decentralized architecture. As opposed to centralized     version control systems with a client-server model, Git ensures that each working copy of a Git repository     is an exact copy with complete revision history. This not only allows the user to work on and contribute     to projects without the need to have permission to push the changes to their official repositories, but     also makes it possible for the user to work with no network connection.

    Security Fix(es):

    * git: The sideband payload is passed unfiltered to the terminal in git (CVE-2024-52005)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7640 advisory.

    Git is a distributed revision control system with a decentralized architecture. As opposed to centralized     version control systems with a client-server model, Git ensures that each working copy of a Git repository     is an exact copy with complete revision history. This not only allows the user to work on and contribute     to projects without the need to have permission to push the changes to their official repositories, but     also makes it possible for the user to work with no network connection.

    Security Fix(es):

    * git: The sideband payload is passed unfiltered to the terminal in git (CVE-2024-52005)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7531 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (CVE-2022-49011)

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7418 advisory.

    PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

    Security Fix(es):

    * php: Header parser of http stream wrapper does not handle folded headers (CVE-2025-1217)

    * php: Stream HTTP wrapper header check might omit basic auth header (CVE-2025-1736)

    * php: Streams HTTP wrapper does not fail for headers with invalid name and no colon (CVE-2025-1734)

    * php: libxml streams use wrong content-type header when requesting a redirected resource (CVE-2025-1219)

    * php: Stream HTTP wrapper truncates redirect location to 1024 bytes (CVE-2025-1861)

    * php: Reference counting in php_request_shutdown causes Use-After-Free (CVE-2024-11235)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7539 advisory.

    Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text     files and to perform system management tasks.

    Security Fix(es):

    * oniguruma: integer overflow in search_in_range function in regexec.c leads to out-of-bounds read     (CVE-2019-19012)

    * rubygem-bundler: unexpected code execution in Gemfiles (CVE-2021-43809)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7540 advisory.

    The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain     simple client programs for accessing the libjpeg functions. These packages provide the same functionality     and API as libjpeg but with better performance.

    Security Fix(es):

    * libjpeg-turbo: heap-based buffer over-read in get_rgb_row() in rdppm.c (CVE-2020-13790)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7535 advisory.

    Security Fix(es):

    * h11 accepts some malformed Chunked-Encoding bodies (CVE-2025-43859)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE     page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7536 advisory.

    Security Fix(es):

    * h11 accepts some malformed Chunked-Encoding bodies (CVE-2025-43859)

    For more details about the security issue(s), including the impact, a CVSS     score, acknowledgments, and other related information, refer to the CVE     page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7537 advisory.

    Node.js is a software development platform for building fast and scalable network applications in the     JavaScript programming language.

    Security Fix(es):

    * c-ares: c-ares has a use-after-free in read_answers() (CVE-2025-31498)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7526 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: Information disclosure in vhost/vhost.c:vhost_new_msg() (CVE-2024-0340)

    * kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()     (CVE-2023-52594)

    * kernel: dmaengine: fix NULL pointer in channel unregistration function (CVE-2023-52492)

    * kernel: cachefiles: fix memory leak in cachefiles_add_cache() (CVE-2024-26840)

    * kernel: wifi: mt76: mt7921e: fix use-after-free in free_irq() (CVE-2024-26892)

    * kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)

    * kernel: x86/mm/pat: fix VM_PAT handling in COW mappings (CVE-2024-35877)

    * kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET (CVE-2023-52813)

    * kernel: pwm: Fix double shift bug (CVE-2023-52756)

    * kernel: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (CVE-2024-47668)

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7543 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7533 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7534 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt (CVE-2024-53141)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7538 advisory.

    Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can     contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data     set. You can persist it either by dumping the data set to disk every once in a while, or by appending each     command to a log.

    Security Fix(es):

    * redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated     client (CVE-2025-21605)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7547 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7545 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7546 advisory.

    nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency,     performance, and low memory usage.

    Security Fix(es):

    * nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)

    * nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)

    * nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7544 advisory.

    Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and     portability.

    Security Fix(es):

    * firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)

    * firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)

    * firefox: thunderbird: Process isolation bypass using javascript: URI links in cross-origin frames     (CVE-2025-4083)

    * firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and     Thunderbird 128.10 (CVE-2025-4091)

    * firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10     (CVE-2025-4093)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7407 advisory.

    Collector with the supported components for a Red Hat build of OpenTelemetry

    Security Fix(es):

    * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)

    * golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws     (CVE-2025-22868)

    * github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)

    * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7387 advisory.

    WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

    Security Fix(es):

    * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash     (CVE-2024-44192)

    * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-54467)

    * webkitgtk: Processing web content may lead to a denial-of-service (CVE-2024-54551)

    * webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack (CVE-2025-24208)

    * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash     (CVE-2025-24209)

    * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash     (CVE-2025-24216)

    * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash     (CVE-2025-30427)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7395 advisory.

    389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the     Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

    Security Fix(es):

    * 389-ds-base: null pointer dereference leads to denial of service (CVE-2025-2487)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7391 advisory.

    The podman tool manages pods, container images, and containers. It is part of the libpod library, which is     for applications that use container pods. Container pods is a concept in Kubernetes.

    Security Fix(es):

    * go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)

    * golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh     (CVE-2025-22869)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7094 advisory.

    Authoritative DNS server for A/AAAA container records  Forwards other request to configured resolvers.
    Read more about configuration in `src/backend/mod.rs`.

    Security Fix(es):

    * containers/aardvark-dns: TCP Query Handling Flaw in Aardvark-dns Leading to Denial of Service     (CVE-2024-8418)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7138 advisory.

    The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can     encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and     automated mechanism for serializing structured data.

    Security Fix(es):

    * protobuf: message parsing vulnerability in ProtocolBuffers (CVE-2022-1941)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7147 advisory.

    The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system     trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-     ostree-client package provides commands for client systems to perform upgrades and rollbacks.

    Security Fix(es):

    * rust-openssl: rust openssl ssl::select_next_proto use after free (CVE-2025-24898)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7067 advisory.

    Kerberos is a network authentication system, which can improve the security of your network by eliminating     the insecure practice of sending passwords over the network in unencrypted form. It allows clients and     servers to authenticate to each other with the help of a trusted third party, the Kerberos key     distribution center (KDC).

    Security Fix(es):

    * krb5: overflow when calculating ulog block size (CVE-2025-24528)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7043 advisory.

    The microcode_ctl packages provide microcode updates for Intel and AMD processors.

    Security Fix(es):

    * microcode_ctl: Improper input validation in UEFI firmware (CVE-2024-28047)

    * microcode_ctl: Insufficient granularity of access control in UEFI firmware (CVE-2024-39279)

    * microcode_ctl: mproper initialization in UEFI firmware OutOfBandXML module (CVE-2024-31157)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7077 advisory.

    A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T     recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690)     encoding and decoding functions.

    Security Fix(es):

    * libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS (CVE-2024-12133)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7309 advisory.

    OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

    Security Fix(es):

    * openjpeg: heap buffer overflow in bin/common/color.c (CVE-2024-56826)

    * openjpeg: heap buffer overflow in lib/openjp2/j2k.c (CVE-2024-56827)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7064 advisory.

    IPTraf-ng is a console-based network monitoring utility which includes an IP traffic monitor, a TCP and     UDP service monitor, and a LAN statistics module. It supports Ethernet, FDDI, ISDN, SLIP, PPP, and     loopback interfaces as well as the built-in raw socket interface of the Linux kernel.

    Security Fix(es):

    * iptraf-ng: buffer overflow via ifaces.c (CVE-2024-52949)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7085 advisory.

    The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

    Security Fix(es):

    * rubygem-rack: Possible Log Injection in Rack::CommonLogger (CVE-2025-25184)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7326 advisory.

    rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and     subscription management.

    Security Fix(es):

    * golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect     (CVE-2024-45336)

    * crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec     (CVE-2025-22866)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7107 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: cpython: URL parser allowed square brackets in domain names (CVE-2025-0938)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7178 advisory.

    The gstreamer1 packages contain a streaming media framework, based on graphs of filters which operate on     media data.

    Security Fix(es):

    * gstreamer: EXIF Metadata Parsing Integer Overflow (CVE-2024-4453)

    * gstreamer: AV1 Video Parsing Stack-based Buffer Overflow (CVE-2024-0444)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:6993 advisory.

    OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating     systems. It includes the core files necessary for both the OpenSSH client and server.

    Security Fix(es):

    * openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled (CVE-2025-26465)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7315 advisory.

    PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

    Security Fix(es):

    * php: host/secure cookie bypass due to partial CVE-2022-31629 fix (CVE-2024-2756)

    * php: password_verify can erroneously return true, opening ATO risk (CVE-2024-3096)

    * php: Filter bypass in filter_var (FILTER_VALIDATE_URL) (CVE-2024-5458)

    * php: Erroneous parsing of multipart form data (CVE-2024-8925)

    * php: cgi.force_redirect configuration is bypassable due to the environment variable collision     (CVE-2024-8927)

    * php: PHP-FPM Log Manipulation Vulnerability (CVE-2024-9026)

    * php: Leak partial content of the heap through heap buffer over-read in mysqlnd (CVE-2024-8929)

    * php: Single byte overread with convert.quoted-printable-decode filter (CVE-2024-11233)

    * php: Configuring a proxy in a stream context might allow for CRLF injection in URIs (CVE-2024-11234)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7243 advisory.

    GStreamer is a streaming media framework based on graphs of filters which operate on media data. The     gstreamer1-plugins-base packages contain a collection of well-maintained base plug-ins.

    Security Fix(es):

    * gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference (CVE-2024-47542)

    * gstreamer1-plugins-base: GStreamer has an out-of-bounds write in SSA subtitle parser (CVE-2024-47541)

    * gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask (CVE-2024-47600)

    * gstreamer1-plugins-base: NULL-pointer dereference in LRC subtitle parser (CVE-2024-47835)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:6977 advisory.

    Python is an interpreted, interactive, object-oriented programming language, which includes modules,     classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to     many system calls and libraries, as well as to various windowing systems.

    Security Fix(es):

    * python: cpython: URL parser allowed square brackets in domain names (CVE-2025-0938)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7331 advisory.

    nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency,     performance, and low memory usage.

    Security Fix(es):

    * nginx: TLS Session Resumption Vulnerability (CVE-2025-23419)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes     linked from the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
236807	RHEL 9 : thunderbird (RHSA-2025:7692)	critical
236806	RHEL 9 : xdg-utils (RHSA-2025:7672)	high
236805	RHEL 9 : thunderbird (RHSA-2025:7694)	critical
236804	RHEL 8 : thunderbird (RHSA-2025:7693)	critical
236803	RHEL 8 : thunderbird (RHSA-2025:7689)	critical
236802	RHEL 9 : kernel-rt (RHSA-2025:7676)	high
236801	RHEL 9 : kernel (RHSA-2025:7683)	high
236800	RHEL 8 : redis:6 (RHSA-2025:7686)	high
236796	RHEL 7 : kernel-rt (RHSA-2025:7732)	high
236794	RHEL 8 : kernel (RHSA-2025:7652)	high
236787	RHEL 8 / 9 : updated discovery-cli RPMs (Important) (RHSA-2025:7630)	high
236786	RHEL 9 : git (RHSA-2025:7641)	high
236778	RHEL 9 : git (RHSA-2025:7640)	high
235936	RHEL 8 : kernel (RHSA-2025:7531)	high
235935	RHEL 9 : php:8.3 (RHSA-2025:7418)	critical
235934	RHEL 8 : ruby:2.5 (RHSA-2025:7539)	critical
235933	RHEL 8 : libjpeg-turbo (RHSA-2025:7540)	high
235932	RHEL 9 : Red Hat OpenStack Platform 18.0 (python-h11) (RHSA-2025:7535)	critical
235931	RHEL 9 : Red Hat OpenStack Platform 17.1 (python-h11) (RHSA-2025:7536)	critical
235930	RHEL 9 : nodejs:20 (RHSA-2025:7537)	high
235929	RHEL 9 : kernel (RHSA-2025:7526)	high
235928	RHEL 8 : firefox (RHSA-2025:7543)	critical
235924	RHEL 9 : kernel (RHSA-2025:7533)	high
235923	RHEL 9 : kernel-rt (RHSA-2025:7534)	high
235922	RHEL 9 : redis:7 (RHSA-2025:7538)	high
235921	RHEL 8 : firefox (RHSA-2025:7547)	critical
235920	RHEL 8 : firefox (RHSA-2025:7545)	critical
235919	RHEL 9 : nginx (RHSA-2025:7546)	medium
235918	RHEL 8 : firefox (RHSA-2025:7544)	critical
235835	RHEL 9 : opentelemetry-collector (RHSA-2025:7407)	high
235834	RHEL 9 : webkit2gtk3 (RHSA-2025:7387)	medium
235833	RHEL 9 : 389-ds-base (RHSA-2025:7395)	medium
235832	RHEL 9 : podman (RHSA-2025:7391)	high
235831	RHEL 9 : aardvark-dns (RHSA-2025:7094)	high
235830	RHEL 9 : protobuf (RHSA-2025:7138)	high
235816	RHEL 9 : rpm-ostree (RHSA-2025:7147)	medium
235815	RHEL 9 : krb5 (RHSA-2025:7067)	medium
235814	RHEL 9 : microcode_ctl (RHSA-2025:7043)	medium
235813	RHEL 9 : libtasn1 (RHSA-2025:7077)	medium
235812	RHEL 9 : openjpeg2 (RHSA-2025:7309)	medium
235811	RHEL 9 : iptraf-ng (RHSA-2025:7064)	high
235810	RHEL 9 : pcs (RHSA-2025:7085)	high
235809	RHEL 9 : rhc (RHSA-2025:7326)	medium
235808	RHEL 9 : python3.12 (RHSA-2025:7107)	medium
235807	RHEL 9 : gstreamer1, gstreamer1-plugins-bad-free, gstreamer1-plugins-ugly-free, and gstreamer1-rtsp-server (RHSA-2025:7178)	high
235806	RHEL 9 : openssh (RHSA-2025:6993)	medium
235805	RHEL 9 : php (RHSA-2025:7315)	high
235804	RHEL 9 : gstreamer1-plugins-base (RHSA-2025:7243)	medium
235803	RHEL 9 : python3.9 (RHSA-2025:6977)	medium
235802	RHEL 9 : nginx (RHSA-2025:7331)	medium

Detections

Analytics

Red Hat Local Security Checks Family for Nessus

critical

high

critical

critical

critical

high

high

high

high

high

high

high

high

high

critical

critical

high

critical

critical

high

high

critical

high

high

high

critical

critical

medium

critical

high

medium

medium

high

high

high

medium

medium

medium

medium

medium

high

high

medium

medium

high

medium

high

medium

medium

medium