+F FS040U, +F FS020W, +F FS030W, And +F FS040W Security Vulnerabilities
RHEL 9 : jasper (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jasper: memory leaks in function cmdopts_parse (CVE-2022-2963) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 7 : mysql-connector-java (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql-connector-java: Improper automatic deserialization of binary data (CPU Apr 2017) (CVE-2017-3523) ...
7.4AI Score
RHEL 8 : node-undici (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. node-undici: cookie leakage (CVE-2023-45143) Note that Nessus has not tested for this issue but has instead relied...
7.3AI Score
RHEL 7 : mutt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mutt: buffer overflow via base64 data (CVE-2018-14359) An issue was discovered in Mutt before 1.10.1 and...
10AI Score
AlmaLinux 9 : nodejs:18 (ALSA-2024:2779)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:2779 advisory. A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch()...
7AI Score
RHEL 8 : golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114) golang: html/template:...
7.5AI Score
RHEL 6 : gnome-keyring (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. gnome-keyring: user's login credentials is kept in a session-child process resulting in exposed plaintext ...
7.5AI Score
RHEL 4 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: Memory corruption in the ASN.1 encoder (CVE-2016-2108) Integer overflow in the EVP_EncodeUpdate...
10AI Score
RHEL 7 : libzapojit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libzapojit: missing TLS certificate verification (CVE-2021-39360) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 6 : trousers (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as...
7.8AI Score
RHEL 7 : nspr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nspr: Memory allocation issue related to PR_*printf functions (CVE-2016-1951) Note that Nessus has not tested for...
7.3AI Score
RHEL 6 : gdk-pixbuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gdk-pixbuf: Out-of-bounds write in OneLine32() function (CVE-2016-6352) Integer overflow in io-ico.c in...
9.8AI Score
RHEL 5 : spamassassin (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. spamassassin: command injection via crafted configuration file (CVE-2020-1931) A denial of service...
9.9AI Score
RHEL 6 : python-paramiko (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-paramiko: Race condition in the write_private_key_file function (CVE-2022-24302) Note that Nessus has not...
7.3AI Score
RHEL 7 : rubyzip (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file ...
8.2AI Score
RHEL 7 : jdom (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jdom: XXE allows attackers to cause a DoS via a crafted HTTP request (CVE-2021-33813) Note that Nessus has not...
7.2AI Score
RHEL 6 : libqb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libqb: Insecure treatment of IPC (temporary) files (CVE-2019-12779) libqb: Buffer overflow in...
8AI Score
RHEL 7 : s_mime (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. S/MIME: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails (CVE-2017-17689) Note that Nessus...
7.2AI Score
RHEL 7 : libwmf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libwmf: Memory allocation failure in wmf_malloc (CVE-2016-9011) Note that Nessus has not tested for this issue but...
7.3AI Score
RHEL 7 : mozilla_nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla NSS: Errors in mp_div and mp_exptmod cryptographic functions (CVE-2016-1938) Note that Nessus has not tested...
7.5AI Score
RHEL 7 : emacs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. emacs: Ignores umask when creating a swap file (CVE-2017-1000383) emacs: ctags local command execution...
7.7AI Score
RHEL 8 : cairo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c (CVE-2019-6462) cairo...
7.7AI Score
RHEL 7 : alpaca (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication ...
7.4AI Score
RHEL 7 : golang.org_x_text (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852) The...
7.5AI Score
RHEL 6 : http_2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) ...
7.3AI Score
RHEL 8 : bash (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) Note that Nessus has not tested for this issue...
7.3AI Score
RHEL 7 : ant (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ant: insecure temporary file (CVE-2020-11979) When reading a specially crafted TAR archive an Apache Ant...
7.6AI Score
RHEL 9 : apache_tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Apache Tomcat: Information disclosure (CVE-2021-43980) Note that Nessus has not tested for this issue but has...
7.3AI Score
RHEL 8 : tpm2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tpm2: TCG TPM2.0 implementations vulnerable to memory corruption (CVE-2023-1018) Note that Nessus has not tested for...
7.5AI Score
RHEL 7 : ocaml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ocaml: Integer overflow in byterun/bigarray.c:caml_ba_deserialize() allows remote attackers to cause a denial of...
7.6AI Score
RHEL 7 : libmspack,_clamav (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libmspack, clamav: heap-based buffer overflow in mspack/lzxd.c (CVE-2017-6419) The cabd_read_string...
8.1AI Score
RHEL 8 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dcraw: Stack-based buffer overflow in the find_green() function (CVE-2018-19655) A buffer over-read in...
8.3AI Score
RHEL 6 : giflib (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. giflib: out-of-bounds read in DumpScreen2RGB() in gif2rgb.c in gif2rgb tool (CVE-2020-23922) giflib:...
8.4AI Score
RHEL 7 : evince (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. evince: Command injection when exporting to PDF (CVE-2017-1000159) Note that Nessus has not tested for this issue...
7.7AI Score
RHEL 7 : gpg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. gpg: Signature spoofing via status line injection (CVE-2022-34903) Note that Nessus has not tested for this issue...
7.6AI Score
RHEL 5 : libxtst (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXtst: Insufficient validation of server responses result in Integer overflows (CVE-2016-7951) X.org...
7.6AI Score
RHEL 7 : protobuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570) Note that...
7.3AI Score
RHEL 5 : dovecot (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds ...
8AI Score
RHEL 7 : jose-go (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jose-go: improper handling of highly compressed data (CVE-2024-28180) Note that Nessus has not tested for this issue...
7.3AI Score
RHEL 5 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. coreutils: race condition vulnerability in chown and chgrp (CVE-2017-18018) Note that Nessus has not tested for this...
5.2AI Score
RHEL 5 : mod_nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mod_nss: Invalid handling of +CIPHER operator (CVE-2016-3099) Note that Nessus has not tested for this issue but has...
7.3AI Score
RHEL 8 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15919) Note that Nessus has not...
5.8AI Score
RHEL 5 : xsa276_xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xsa276 xen: resource accounting issues in x86 IOREQ server handling (XSA-276) (CVE-2018-19963) Note that Nessus has...
7.3AI Score
RHEL 5 : thunderbird (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. thunderbird: spoofing a message author via a crafted S/MIME (CVE-2019-11755) Note that Nessus has not tested for...
7.2AI Score
RHEL 5 : bison (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bison: use-after-free via crafted input file containing a NULL byte can lead to DoS (CVE-2020-24240) GNU...
7.9AI Score
RHEL 5 : evince (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evince: buffer overflow in backend/tiff/tiff-document.c leads to DOS/possible code execution ...
8.6AI Score
RHEL 8 : nodejs-http-signature (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-http-signature: HTTP header forgery (CVE-2017-16005) Note that Nessus has not tested for this issue but has...
7.4AI Score
RHEL 7 : libreoffice (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libreoffice: heap-based buffer overflow related to the ReadJPEG function (CVE-2017-8358) LibreOffice...
8.4AI Score
RHEL 7 : gstreamer-plugins-base (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gstreamer-plugins-base: out-of-bounds read when handling certain ID3v2 tags (CVE-2021-3522) The...
6.7AI Score
RHEL 6 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
7.9AI Score