G9 Lite, Honor 5A, Honor 6X, Honor 8 Security Vulnerabilities

nessus

RHEL 8 : mcpp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mcpp: heap based buffer overflow in function do_msg() in support.c (CVE-2019-14274) Note that Nessus has not tested...

5.5 CVSS

5.8 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : libdwarf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libdwarf: division by zero in dwarf_elf_load_headers.c leading to DoS (CVE-2019-14249) libdwarf: NULL...

7.5 CVSS

6.9 AI Score

EPSS

2024-06-03 12:00 AM

RHEL 7 : pcsc-lite (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pcsc-lite: Use-after-free of cardsList due to SCardReleaseContext invocations (CVE-2016-10109) Note that Nessus has...

7.5 CVSS

7.5 AI Score

0.024 EPSS

2024-06-03 12:00 AM

RHEL 4 : xfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Xfig, Transfig: Stack-based buffer overflow by loading malformed .FIG files (CVE-2009-4228) Xfig:...

7.3 AI Score

0.171 EPSS

2024-06-03 12:00 AM

RHEL 8 : jq (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jq: stack exhaustion via jv_dump_term() function (CVE-2016-4074) Note that Nessus has not tested for this issue but...

7.5 CVSS

7.6 AI Score

0.009 EPSS

2024-06-03 12:00 AM

RHEL 8 : nodejs-http-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-http-signature: HTTP header forgery (CVE-2017-16005) Note that Nessus has not tested for this issue but has...

7.5 CVSS

7.4 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 6 : xdg-user-dirs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xdg-user-dirs, gnome-session: Xsession creation of XDG user directories does not honor system umask policy ...

7.8 CVSS

7.7 AI Score

0.0004 EPSS

2024-06-03 12:00 AM

RHEL 8 : ant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ant: insecure temporary file vulnerability (CVE-2020-1945) When reading a specially crafted TAR archive...

6.3 CVSS

10 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : glade (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glade: segmentation fault in glade_gtk_box_post_create() (CVE-2020-36774) Note that Nessus has not tested for this...

6.5 AI Score

0.0004 EPSS

2024-06-03 12:00 AM

RHEL 8 : jbossweb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) Note that Nessus has not...

7 CVSS

7.2 AI Score

0.922 EPSS

2024-06-03 12:00 AM

RHEL 8 : velocity (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936) Note that Nessus has...

8.8 CVSS

7.6 AI Score

0.002 EPSS

2024-06-03 12:00 AM

RHEL 8 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: corruption of intermediate language state of compiled regular expression due to integer overflow ...

8.6 CVSS

10 AI Score

0.003 EPSS

2024-06-03 12:00 AM

RHEL 8 : perl-app-cpanminus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perl-App-cpanminus: Bypass of verification of signatures in CHECKSUMS files (CVE-2020-16154) Note that Nessus has...

7.8 CVSS

7.7 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : gcc-toolset-10-binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c (CVE-2021-20284) Note that...

5.5 CVSS

7.8 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : 7.2_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: Information disclosure in exif_read_data() function (CVE-2020-7064) In PHP versions 7.2.x below...

6.5 CVSS

8.4 AI Score

0.006 EPSS

2024-06-03 12:00 AM

RHEL 3 : squirrelmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. SquirrelMail: Mail Fetch plugin -- port-scans via non-standard POP3 server ports (CVE-2010-1637) ...

6.5 CVSS

7 AI Score

0.115 EPSS

2024-06-03 12:00 AM

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...

8 CVSS

8.3 AI Score

EPSS

2024-06-03 12:00 AM

RHEL 8 : kernel (RHSA-2024:3528)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...

7.8 CVSS

8.2 AI Score

0.002 EPSS

2024-06-03 12:00 AM

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. redis: Code injection via Lua script execution environment (CVE-2022-24735) redis: heap overflow in the...

8.8 CVSS

8.8 AI Score

0.003 EPSS

2024-06-03 12:00 AM

RHEL 8 : ovn2.13 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ovn: service monitor MAC flow is not rate limited (CVE-2023-3153) Note that Nessus has not tested for this issue but...

5.3 CVSS

7.3 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c (CVE-2021-39537) In ncurses 6.1,...

8.8 CVSS

7.5 AI Score

0.008 EPSS

2024-06-03 12:00 AM

RHEL 8 : libguestfs-winsupport (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array ...

7.8 CVSS

8.4 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.17 Security update (Important) (RHSA-2024:3560)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3560 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

7.3 CVSS

7.1 AI Score

0.002 EPSS

2024-06-03 12:00 AM

RHEL 8 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960) Expat...

8.8 CVSS

8.1 AI Score

0.01 EPSS

2024-06-03 12:00 AM

RHEL 8 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. apache-ivy: XML External Entity vulnerability (CVE-2022-46751) Note that Nessus has not tested for this issue but...

8.2 CVSS

8.3 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682) The ahci_commit_buf...

8.5 CVSS

7 AI Score

0.003 EPSS

2024-06-03 12:00 AM

RHEL 8 : exiv2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exiv2: buffer overflow in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp ...

8.1 CVSS

7.8 AI Score

0.003 EPSS

2024-06-03 12:00 AM

RHEL 8 : av_libnbd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libnbd: Crash or misbehaviour when NBD server returns an unexpected block size (CVE-2023-5215) Note that Nessus has...

6.5 CVSS

7.3 AI Score

0.0004 EPSS

2024-06-03 12:00 AM

RHEL 8 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: decodearr() can write beyond its buffer limit (CVE-2018-7183) ntpd in ntp 4.2.x before 4.2.8p7 and...

7.5 CVSS

9.9 AI Score

0.717 EPSS

2024-06-03 12:00 AM

RHEL 8 : libarchive (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c ...

6.5 CVSS

8.3 AI Score

0.005 EPSS

2024-06-03 12:00 AM

RHEL 8 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp ...

7.8 CVSS

7.3 AI Score

0.009 EPSS

2024-06-03 12:00 AM

RHEL 8 : aspell (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. aspell: UCS-2 and UCS-4 null-terminated string handling OOB read (CVE-2019-20433) libaspell.a in GNU...

9.1 CVSS

9.8 AI Score

0.011 EPSS

2024-06-03 12:00 AM

RHEL 8 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_security_crs: Content-Type or Content-Transfer-Encoding MIME header fields abuse (CVE-2022-39956) ...

9.8 CVSS

7.2 AI Score

0.013 EPSS

2024-06-03 12:00 AM

RHEL 8 : kibana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) mixin-deep is vulnerable to...

9.8 CVSS

9.9 AI Score

0.005 EPSS

2024-06-03 12:00 AM

RHEL 5 : libxi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXi: Multiple Array Index error leading to heap-based OOB write (CVE-2013-1998) libXi: Insufficient...

7.5 CVSS

8.9 AI Score

0.014 EPSS

2024-06-03 12:00 AM

RHEL 8 : 8.3_qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: intel-hda: segmentation fault due to stack overflow (CVE-2021-3611) Note that Nessus has not tested for this...

6.5 CVSS

7 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : jboss-on (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: use of deeply nested arrays (CVE-2022-42004) jackson-databind 2.10.x through 2.12.x...

7.5 CVSS

8.1 AI Score

0.003 EPSS

2024-06-03 12:00 AM

RHEL 9 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

6.5 CVSS

7.2 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : qs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. express: qs prototype poisoning causes the hang of the node process (CVE-2022-24999) Note that Nessus has not tested...

7.5 CVSS

7.3 AI Score

0.01 EPSS

2024-06-03 12:00 AM

RHEL 8 : postgresql-jdbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) A weakness...

9.8 CVSS

8.6 AI Score

0.018 EPSS

2024-06-03 12:00 AM

RHEL 8 : perl-dbi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-dbi: Buffer overflow on an overlong DBD class name (CVE-2020-14393) An issue was discovered in the...

7.1 CVSS

8.1 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : libvncserver (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019) ...

9.8 CVSS

8.5 AI Score

0.143 EPSS

2024-06-03 12:00 AM

RHEL 6 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c ...

7.5 CVSS

7.7 AI Score

0.035 EPSS

2024-06-03 12:00 AM

RHEL 8 : glib-networking (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glib-networking: GTlsClientConnection silently ignores unset server identity (CVE-2020-13645) Note that Nessus has...

6.5 CVSS

9.5 AI Score

0.006 EPSS

2024-06-03 12:00 AM

RHEL 8 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. transfig: Buffer underwrite in read.c:get_line() via crafted FIG file (CVE-2018-16140) Xfig fig2dev...

5.5 CVSS

7.2 AI Score

0.002 EPSS

2024-06-03 12:00 AM

RHEL 8 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

6.5 CVSS

7.2 AI Score

0.001 EPSS

2024-06-03 12:00 AM

RHEL 8 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: Session fixation when using FORM authentication (CVE-2019-17563) tomcat: JsonErrorReportValve...

7.5 CVSS

9.2 AI Score

0.912 EPSS

2024-06-03 12:00 AM

RHEL 8 : servicemesh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. x/net/http2/h2c: request smuggling (CVE-2022-41721) Note that Nessus has not tested for this issue but has instead...

7.5 CVSS

6.9 AI Score

0.002 EPSS

2024-06-03 12:00 AM

RHEL 8 : gd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038) gd_gif_in.c in the GD Graphics...

5.3 CVSS

8 AI Score

0.004 EPSS

2024-06-03 12:00 AM

RHEL 8 : mesa (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mesa: security bypass in 3D library graphics (CVE-2019-5068) Note that Nessus has not tested for this issue but has...

4.4 CVSS

7.4 AI Score

0.001 EPSS

2024-06-03 12:00 AM
Total number of security vulnerabilities: 274940