GeForce, Workstation, Compute Security Vulnerabilities

RHEL 6 / 7 : rh-java-common-lucene5 (RHSA-2017:3452)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3452 advisory. Solr: Code execution via entity expansion (CVE-2017-12629) Note that Nessus has not tested for this issue but has instead relied only on the...

RHEL 6 / 7 : python27-python (RHSA-2019:1700)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1700 advisory. python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) python:...

RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:1820)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1820 advisory. jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) ...

RHEL 6 / 7 : rh-ror50-rubygem-actionpack (RHSA-2019:1147)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1147 advisory. rubygem-actionpack: render file directory traversal in Action View (CVE-2019-5418) rubygem-actionpack: denial of service...

RHEL 7 : python-django (RHSA-2017:3093)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3093 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...

RHEL 7 : openstack-ironic-inspector (RHSA-2019:1722)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1722 advisory. OpenStack Bare Metal (ironic) is a tool used to provision bare metal (as opposed to virtual) machines. It leverages common technologies such as...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. curl: TLS session resumption client cert bypass (CVE-2016-5419) curl: Re-using connection with wrong client cert (CVE-2016-5420) ...

RHEL 6 / 7 : rh-php70-php (RHSA-2018:1296)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1296 advisory. php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field (CVE-2016-7412) php: Use after free in wddx_deserialize...

RHEL 6 / 7 : rh-perl524-mod_perl (RHSA-2018:2826)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2826 advisory. mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess (CVE-2011-2767) Note that Nessus has...

RHEL 6 / 7 : rh-java-common-xmlrpc (RHSA-2018:1784)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1784 advisory. xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003) Note that Nessus has not tested for this issue but has instead...

RHEL 7 : openstack-nova (RHSA-2018:2714)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2714 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 6 / 7 : rh-java-common-lucene (RHSA-2017:3451)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3451 advisory. Solr: Code execution via entity expansion (CVE-2017-12629) Note that Nessus has not tested for this issue but has instead relied only on the...

RHEL 7 : rh-perl526-perl (RHSA-2019:0001)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0001 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...

RHEL 6 / 7 : rh-maven33-plexus-archiver and rh-maven35-plexus-archiver (RHSA-2018:1837)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1837 advisory. plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200) Note...

RHEL 7 : redis (RHSA-2019:2508)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2508 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

RHEL 7 : ansible (RHSA-2019:3789)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3789 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 7 : openstack-octavia (RHSA-2019:3788)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3788 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:0584)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0584 advisory. ruby: Command injection vulnerability in Net::FTP (CVE-2017-17405) ruby: Command injection in lib/resolv.rb:lazy_initialize() allows...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : openstack-ceilometer (RHSA-2019:0919)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0919 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...

RHEL 7 : python-cryptography (RHSA-2018:3600)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. QEMU: seccomp: blacklist is not applied to all threads (CVE-2018-15746) QEMU: rtl8139: integer overflow leads to buffer overflow...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1643)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1643 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory. rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files (CVE-2018-3760) Note that...

RHEL 7 : openstack-keystone (RHSA-2018:2533)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2533 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....

RHEL 7 : pyOpenSSL (RHSA-2019:0085)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...

RHEL 7 : rh-maven35-slf4j (RHSA-2018:0582)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0582 advisory. slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) Note that Nessus has not...

RHEL 6 / 7 : ror40-rubygem-activerecord (RHSA-2014:0877)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0877 advisory. rubygem-activerecord: SQL injection vulnerability in 'range' quoting (CVE-2014-3483) Note that Nessus has not tested for this issue but has...

RHEL 7 : openstack-ironic-inspector (RHSA-2019:1669)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1669 advisory. Nodes managed by Ironic may use the ironic-inspector auxiliary service to discover hardware properties. Hardware introspection or hardware properties.....

RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2018:2511)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2511 advisory. postgresql: Memory disclosure in JSON functions (CVE-2017-15098) postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3471)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3471 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3466 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1200)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1200 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1199)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1199 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-redis32-redis (RHSA-2019:1860)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1860 advisory. redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218) redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219) ...

RHEL 6 / 7 : rh-git29-git (RHSA-2018:2147)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2147 advisory. git: path sanity check in is_ntfs_dotgit() can read arbitrary memory (CVE-2018-11233) git: arbitrary code execution when recursively...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2822)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2822 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-nova (RHSA-2019:2631)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2631 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-nova (RHSA-2019:2622)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2622 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-ceilometer (RHSA-2019:0580)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0580 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...

RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016) (CVE-2016-5617, CVE-2016-6664) mysql: Server: Optimizer...

RHEL 6 / 7 : rh-postgresql96-postgresql (RHSA-2017:3405)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3405 advisory. postgresql: Start scripts permit database administrator to modify root-owned files (CVE-2017-12172, CVE-2017-15097) Note that...

RHEL 7 : rh-ruby25-ruby (RHSA-2018:3731)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3731 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:3729)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3729 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : qemu-kvm-rhev (RHSA-2019:3742)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3742 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1645)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1645 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2363)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2363 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1686)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1686 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 6 / 7 : rh-mysql57-mysql (RHSA-2018:3655)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3655 advisory. mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) mysql: Server: Security: Privileges unspecified...