RHEL 6 / 7 : rh-java-common-lucene5 (RHSA-2017:3452)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3452 advisory. Solr: Code execution via entity expansion (CVE-2017-12629) Note that Nessus has not tested for this issue but has instead relied only on the...
CVSS 9.8, AI Score 9.6, EPSS 0.974
RHEL 6 / 7 : python27-python (RHSA-2019:1700)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1700 advisory. python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) python:...
CVSS 9.8, AI Score 7.2, EPSS 0.007
RHEL 7 : rh-maven35-jackson-databind (RHSA-2019:1820)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1820 advisory. jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384) ...
CVSS 5.9, AI Score 7.8, EPSS 0.533
RHEL 6 / 7 : rh-ror50-rubygem-actionpack (RHSA-2019:1147)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1147 advisory. rubygem-actionpack: render file directory traversal in Action View (CVE-2019-5418) rubygem-actionpack: denial of service...
CVSS 7.5, AI Score 7.3, EPSS 0.975
RHEL 7 : python-django (RHSA-2017:3093)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3093 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...
CVSS 6.1, AI Score 6.4, EPSS 0.004
RHEL 7 : openstack-ironic-inspector (RHSA-2019:1722)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1722 advisory. OpenStack Bare Metal (ironic) is a tool used to provision bare metal (as opposed to virtual) machines. It leverages common technologies such as...
CVSS 9.1, AI Score 9.3, EPSS 0.005
RHEL 6 / 7 : httpd24 (RHSA-2018:3558)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. curl: TLS session resumption client cert bypass (CVE-2016-5419) curl: Re-using connection with wrong client cert (CVE-2016-5420) ...
CVSS 9.8, AI Score 9.5, EPSS 0.962
RHEL 6 / 7 : rh-php70-php (RHSA-2018:1296)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1296 advisory. php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field (CVE-2016-7412) php: Use after free in wddx_deserialize...
CVSS 9.8, AI Score 8.3, EPSS 0.62
RHEL 6 / 7 : rh-perl524-mod_perl (RHSA-2018:2826)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2826 advisory. mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess (CVE-2011-2767) Note that Nessus has...
CVSS 9.8, AI Score 7.5, EPSS 0.008
RHEL 6 / 7 : rh-java-common-xmlrpc (RHSA-2018:1784)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1784 advisory. xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003) Note that Nessus has not tested for this issue but has instead...
CVSS 9.8, AI Score 6.9, EPSS 0.42
RHEL 7 : openstack-nova (RHSA-2018:2714)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2714 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....
CVSS 7.5, AI Score 6.4, EPSS 0.003
RHEL 6 / 7 : rh-java-common-lucene (RHSA-2017:3451)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3451 advisory. Solr: Code execution via entity expansion (CVE-2017-12629) Note that Nessus has not tested for this issue but has instead relied only on the...
CVSS 9.8, AI Score 9.6, EPSS 0.974
RHEL 7 : rh-perl526-perl (RHSA-2019:0001)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0001 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...
CVSS 9.8, AI Score 7.8, EPSS 0.021
RHEL 6 / 7 : rh-maven33-plexus-archiver and rh-maven35-plexus-archiver (RHSA-2018:1837)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1837 advisory. plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200) Note...
CVSS 5.5, AI Score 7.7, EPSS 0.001
RHEL 7 : redis (RHSA-2019:2508)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2508 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...
CVSS 7.2, AI Score 7.5, EPSS 0.188
RHEL 7 : ansible (RHSA-2019:3789)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3789 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...
CVSS 6.5, AI Score 7.2, EPSS 0.003
RHEL 7 : openstack-octavia (RHSA-2019:3788)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3788 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat...
CVSS 9.1, AI Score 6.3, EPSS 0.002
RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:0584)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0584 advisory. ruby: Command injection vulnerability in Net::FTP (CVE-2017-17405) ruby: Command injection in lib/resolv.rb:lazy_initialize() allows...
CVSS 9.8, AI Score 7.9, EPSS 0.895
RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...
CVSS 9.8, AI Score 7.9, EPSS 0.022
RHEL 7 : openstack-ceilometer (RHSA-2019:0919)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0919 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...
CVSS 7.8, AI Score 5.9, EPSS 0.0004
RHEL 7 : python-cryptography (RHSA-2018:3600)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives...
CVSS 7.5, AI Score 6.3, EPSS 0.002
RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. QEMU: seccomp: blacklist is not applied to all threads (CVE-2018-15746) QEMU: rtl8139: integer overflow leads to buffer overflow...
CVSS 9.8, AI Score 7.9, EPSS 0.022
RHEL 7 : qemu-kvm-rhev (RHSA-2018:1643)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1643 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 8.8, AI Score 6.7, EPSS 0.003
RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory. rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files (CVE-2018-3760) Note that...
CVSS 7.5, AI Score 6.6, EPSS 0.023
RHEL 7 : openstack-keystone (RHSA-2018:2533)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2533 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....
CVSS 5.3, AI Score 5.5, EPSS 0.001
RHEL 7 : pyOpenSSL (RHSA-2019:0085)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...
CVSS 8.1, AI Score 7.2, EPSS 0.094
RHEL 7 : rh-maven35-slf4j (RHSA-2018:0582)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0582 advisory. slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) Note that Nessus has not...
CVSS 9.8, AI Score 7.7, EPSS 0.022
RHEL 6 / 7 : ror40-rubygem-activerecord (RHSA-2014:0877)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0877 advisory. rubygem-activerecord: SQL injection vulnerability in 'range' quoting (CVE-2014-3483) Note that Nessus has not tested for this issue but has...
AI Score 7.8, EPSS 0.009
RHEL 7 : openstack-ironic-inspector (RHSA-2019:1669)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1669 advisory. Nodes managed by Ironic may use the ironic-inspector auxiliary service to discover hardware properties. Hardware introspection or hardware properties.....
CVSS 9.1, AI Score 9.3, EPSS 0.005
RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2018:2511)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2511 advisory. postgresql: Memory disclosure in JSON functions (CVE-2017-15098) postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT...
CVSS 8.8, AI Score 7.1, EPSS 0.008
RHEL 7 : qemu-kvm-rhev (RHSA-2017:3471)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3471 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 8.8, AI Score 7.9, EPSS 0.061
RHEL 7 : qemu-kvm-rhev (RHSA-2017:3466)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3466 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 8.8, AI Score 8.9, EPSS 0.061
RHEL 7 : qemu-kvm-rhev (RHSA-2019:1200)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1200 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 5.6, AI Score 6.6, EPSS 0.001
RHEL 7 : qemu-kvm-rhev (RHSA-2019:1199)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1199 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 5.6, AI Score 6.3, EPSS 0.001
RHEL 6 / 7 : rh-redis32-redis (RHSA-2019:1860)
The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1860 advisory. redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218) redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219) ...
CVSS 7.2, AI Score 8, EPSS 0.188
RHEL 6 / 7 : rh-git29-git (RHSA-2018:2147)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2147 advisory. git: path sanity check in is_ntfs_dotgit() can read arbitrary memory (CVE-2018-11233) git: arbitrary code execution when recursively...
CVSS 7.8, AI Score 8.2, EPSS 0.018
RHEL 7 : qemu-kvm-rhev (RHSA-2018:2822)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2822 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...
CVSS 8.2, AI Score 8.7, EPSS 0.001
RHEL 7 : openstack-nova (RHSA-2019:2631)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2631 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....
CVSS 6.5, AI Score 6.5, EPSS 0.001
RHEL 7 : openstack-nova (RHSA-2019:2622)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2622 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....
CVSS 6.5, AI Score 6.5, EPSS 0.001
RHEL 7 : openstack-ceilometer (RHSA-2019:0580)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0580 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...
CVSS 7.8, AI Score 6.1, EPSS 0.0004
RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016) (CVE-2016-5617, CVE-2016-6664) mysql: Server: Optimizer...
CVSS 7.7, AI Score 7.4, EPSS 0.118
RHEL 6 / 7 : rh-postgresql96-postgresql (RHSA-2017:3405)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3405 advisory. postgresql: Start scripts permit database administrator to modify root-owned files (CVE-2017-12172, CVE-2017-15097) Note that...
CVSS 6.7, AI Score 7.1, EPSS 0.001
RHEL 7 : rh-ruby25-ruby (RHSA-2018:3731)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3731 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...
CVSS 9.8, AI Score 7.9, EPSS 0.022
RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:3729)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3729 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...
CVSS 9.8, AI Score 7.9, EPSS 0.022
RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....
CVSS 6.5, AI Score 6.7, EPSS 0.001
RHEL 7 : qemu-kvm-rhev (RHSA-2019:3742)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3742 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 8.8, AI Score 8.1, EPSS 0.017
RHEL 7 : qemu-kvm-rhev (RHSA-2018:1645)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1645 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...
CVSS 8.8, AI Score 6.7, EPSS 0.003
RHEL 7 : qemu-kvm-rhev (RHSA-2018:2363)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2363 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...
CVSS 5.5, AI Score 7.1, EPSS 0.003
RHEL 7 : qemu-kvm-rhev (RHSA-2018:1686)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1686 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...
CVSS 5.5, AI Score 6.9, EPSS 0.003
RHEL 6 / 7 : rh-mysql57-mysql (RHSA-2018:3655)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3655 advisory. mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) mysql: Server: Security: Privileges unspecified...
CVSS 7.7, AI Score 7.2, EPSS 0.006