RHEL 7 : mutt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mutt: buffer overflow via base64 data (CVE-2018-14359) An issue was discovered in Mutt before 1.10.1 and...
10AI Score
AlmaLinux 9 : nodejs:18 (ALSA-2024:2779)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2779 advisory. A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch()...
7AI Score
RHEL 8 : golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) golang: html/template:...
7.5AI Score
RHEL 6 : gnome-keyring (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. gnome-keyring: user's login credentials is kept in a session-child process resulting in exposed plaintext ...
7.5AI Score
RHEL 7 : bzr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. bzr: does not strip bzr+ssh SSH options (CVE-2017-14176) Note that Nessus has not tested for this issue but has...
7.3AI Score
RHEL 6 : libxpm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXpm: Out-of-bounds write in XPM extension parsing (CVE-2016-10164) A flaw was found in libXpm. When...
7.4AI Score
RHEL 4 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: Memory corruption in the ASN.1 encoder (CVE-2016-2108) Integer overflow in the EVP_EncodeUpdate...
10AI Score
RHEL 7 : libzapojit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libzapojit: missing TLS certificate verification (CVE-2021-39360) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 6 : trousers (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as...
7.8AI Score
RHEL 8 : numpy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. numpy: crafted serialized object passed in numpy.load() in pickle python module allows arbitrary code ...
8.4AI Score
RHEL 7 : nspr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nspr: Memory allocation issue related to PR_*printf functions (CVE-2016-1951) Note that Nessus has not tested for...
7.3AI Score
RHEL 7 : python-ldap (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-ldap: Regular expression denial of service in LDAP schema parser (CVE-2021-46823) Note that Nessus has not...
7.3AI Score
RHEL 6 : gdk-pixbuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdk-pixbuf: Out-of-bounds write in OneLine32() function (CVE-2016-6352) Integer overflow in io-ico.c in...
9.8AI Score
RHEL 5 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. spamassassin: command injection via crafted configuration file (CVE-2020-1931) A denial of service...
9.9AI Score
RHEL 6 : python-paramiko (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-paramiko: Race condition in the write_private_key_file function (CVE-2022-24302) Note that Nessus has not...
7.3AI Score
RHEL 7 : jackson-databind (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525) A...
8.5AI Score
RHEL 7 : rubyzip (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file ...
8.2AI Score
RHEL 7 : patch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. patch: Invalid Pointer via another_hunk function (CVE-2021-45261) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 7 : jdom (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jdom: XXE allows attackers to cause a DoS via a crafted HTTP request (CVE-2021-33813) Note that Nessus has not...
7.2AI Score
RHEL 6 : tar (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tar: Bypassing the extract path name (CVE-2016-6321) GNU Tar through 1.30, when --sparse is used,...
9AI Score
RHEL 6 : sudo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sudo: by using ! character in the shadow file instead of a password hash can access to a run as all...
8.4AI Score
RHEL 6 : libqb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libqb: Insecure treatment of IPC (temporary) files (CVE-2019-12779) libqb: Buffer overflow in...
8AI Score
RHEL 7 : s_mime (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. S/MIME: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (CVE-2017-17689) Note that Nessus...
7.2AI Score
RHEL 7 : libwmf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libwmf: Memory allocation failure in wmf_malloc (CVE-2016-9011) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 6 : perl-xml-twig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perl-XML-Twig: expand_external_ents option fails to work as documented (CVE-2016-9180) Note that Nessus has not...
7.3AI Score
RHEL 7 : mozilla_nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla NSS: Errors in mp_div and mp_exptmod cryptographic functions (CVE-2016-1938) Note that Nessus has not tested...
7.5AI Score
RHEL 8 : firebird (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. firebird: Firebird fbudf Module Authenticated Remote Code Execution (CVE-2017-11509) Note that Nessus has not tested...
8AI Score
RHEL 7 : emacs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. emacs: Ignores umask when creating a swap file (CVE-2017-1000383) emacs: ctags local command execution...
7.7AI Score
RHEL 8 : cairo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c (CVE-2019-6462) cairo...
7.7AI Score
RHEL 6 : lua (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file (CVE-2021-43519) Note that Nessus...
7.6AI Score
RHEL 7 : glib2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c ...
7.3AI Score
RHEL 7 : alpaca (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication ...
7.4AI Score
RHEL 7 : golang.org_x_text (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852) The...
7.5AI Score
RHEL 6 : http_2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ...
7.3AI Score
RHEL 8 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) Note that Nessus has not tested for this issue...
7.3AI Score
RHEL 6 : e2fsprogs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. e2fsprogs: out-of-bounds read/write via crafted filesystem (CVE-2022-1304) An exploitable code execution...
8.2AI Score
RHEL 7 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ant: insecure temporary file (CVE-2020-11979) When reading a specially crafted TAR archive an Apache Ant...
7.6AI Score
RHEL 9 : apache_tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Apache Tomcat: Information disclosure (CVE-2021-43980) Note that Nessus has not tested for this issue but has...
7.3AI Score
RHEL 8 : tpm2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tpm2: TCG TPM2.0 implementations vulnerable to memory corruption (CVE-2023-1018) Note that Nessus has not tested for...
7.5AI Score
RHEL 7 : ocaml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ocaml: Integer overflow in byterun/bigarray.c:caml_ba_deserialize() allows remote attackers to cause a denial of...
7.6AI Score
RHEL 7 : libmspack,_clamav (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libmspack, clamav: heap-based buffer overflow in mspack/lzxd.c (CVE-2017-6419) The cabd_read_string...
8.1AI Score
RHEL 8 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dcraw: Stack-based buffer overflow in the find_green() function (CVE-2018-19655) A buffer over-read in...
8.3AI Score
RHEL 6 : giflib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. giflib: out-of-bounds read in DumpScreen2RGB() in gif2rgb.c in gif2rgb tool (CVE-2020-23922) giflib:...
8.4AI Score
RHEL 7 : evince (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. evince: Command injection when exporting to PDF (CVE-2017-1000159) Note that Nessus has not tested for this issue...
7.7AI Score
RHEL 7 : gpg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. gpg: Signature spoofing via status line injection (CVE-2022-34903) Note that Nessus has not tested for this issue...
7.6AI Score
RHEL 5 : libxtst (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXtst: Insufficient validation of server responses result in Integer overflows (CVE-2016-7951) X.org...
7.6AI Score
RHEL 7 : protobuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) Note that...
7.3AI Score
RHEL 5 : dovecot (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds ...
8AI Score
RHEL 7 : jose-go (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jose-go: improper handling of highly compressed data (CVE-2024-28180) Note that Nessus has not tested for this issue...
7.3AI Score
RHEL 5 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. coreutils: race condition vulnerability in chown and chgrp (CVE-2017-18018) Note that Nessus has not tested for this...
5.2AI Score