GeForce, Workstation, Compute Security Vulnerabilities

RHEL 7 : ansible (RHSA-2019:0054)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0054 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2018:1372)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1372 advisory. haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service (CVE-2018-10184) Note that Nessus...

RHEL 6 / 7 : rh-perl524-perl (RHSA-2019:0010)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0010 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...

RHEL 7 : openvswitch (RHSA-2019:0053)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0053 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. ...

RHEL 7 : rh-nginx112-nginx (RHSA-2018:3680)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3680 advisory. nginx: Excessive memory consumption via flaw in HTTP/2 implementation (CVE-2018-16843) nginx: Excessive CPU usage via flaw in HTTP/2...

RHEL 7 : rh-postgresql10-postgresql (RHSA-2018:3757)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3757 advisory. postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING (CVE-2018-16850) Note that Nessus has not tested for this...

RHEL 7 : openstack-neutron (RHSA-2018:3792)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3792 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main...

RHEL 7 : openstack-keystone (RHSA-2018:2543)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2543 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....

RHEL 6 / 7 : httpd24 (RHSA-2017:3018)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3018 advisory. httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed) (CVE-2017-9798) Note that Nessus has not tested for this issue but has...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2018:2949)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2949 advisory. nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159) nodejs: Inspector DNS rebinding vulnerability...

RHEL 7 : Red Hat OpenStack Platform director (RHSA-2018:1627)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1627 advisory. Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2018:0587)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0587 advisory. mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562) mysql: Server: GIS unspecified vulnerability (CPU...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:1821)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1821 advisory. nodejs: HTTP request splitting (CVE-2018-12116) nodejs: Denial of Service with large HTTP headers (CVE-2018-12121) nodejs: Slowloris...

CentOS 9 : kernel-5.14.0-437.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-437.el9 build changelog. In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6743-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-3 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...

RHEL 7 : thunderbird (RHSA-2024:1935)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fix(es): *...

RHEL 6 / 7 / 8 / 9 : Satellite Client Async Security Update (Important) (RHSA-2024:2011)

The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2011 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...

RHEL 7 : instack-undercloud (RHSA-2017:2649)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:2649 advisory. instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack). The...

RHEL 7 : qemu-kvm-rhev (RHSA-2016:1756)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1756 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package...

RHEL 6 : openstack-keystone (RHSA-2014:0368)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0368 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6742-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-2 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain...

RHEL 7 : rh-php72-php (RHSA-2019:3299)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3299 advisory. gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166) php: Buffer over-read in PHAR reading functions...

RHEL 6 : openstack-cinder (RHSA-2014:1787)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1787 advisory. OpenStack Block Storage (cinder) manages block storage mounting and the presentation of such mounted block storage to instances. The...

RHEL 6 / 7 : python27 (RHSA-2016:1166)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1166 advisory. python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns (CVE-2013-2099) python:...

RHEL 7 : grub2 (RHSA-2024:2002)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2002 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular...

RHEL 6 : libyaml (RHSA-2015:0112)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0112 advisory. YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and...

RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1132 advisory. pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4) (CVE-2015-3210, CVE-2015-8384) ...

RHEL 7 : kernel (RHSA-2024:2004)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2004 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * kernel: use after free in...

RHEL 6 / 7 : openstack-neutron (RHSA-2015:1909)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:1909 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its...

RHEL 7 : ansible (RHSA-2019:3744)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3744 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 7 : openvswitch (RHSA-2017:2692)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2692 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. ...

(RHSA-2024:2010) Important: Satellite 6.15.0 release

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Security fixes: * python-pygments: ReDoS in pygments (CVE-2022-40896) * python-pycryptodomex: Side-channel...

Google Guest Agent and Google OS Config Agent vulnerability

Releases Ubuntu 23.10 Ubuntu 22.04 LTS Packages google-guest-agent - Google Compute Engine Guest Agent google-osconfig-agent - Google OS Config Agent Details It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly...

RHEL 7 : thunderbird (RHSA-2024:1498)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1498 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix(es): *...

Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-6743-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-2 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...

RHEL 7 : tigervnc (RHSA-2024:0006)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0006 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the...

RHEL 7 : shim (RHSA-2024:1959)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1959 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot...

RHEL 6 / 7 : rh-python35-python-jinja2 (RHSA-2019:1237)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1237 advisory. python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) python-jinja2: str.format_map allows...

RHEL 6 / 7 : php54 (RHSA-2015:1066)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1066 advisory. php: use after free vulnerability in unserialize() (CVE-2014-8142) php: out of bounds read when parsing a crafted .php file...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2015:1630)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1630 advisory. mysql: unspecified vulnerability related to Server:GIS (CPU July 2015) (CVE-2015-2582) mysql: unspecified vulnerability related to...

RHEL 7 : rabbitmq-server (RHSA-2017:0530)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0530 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6739-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6739-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6741-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6741-1 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6743-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-1 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap)...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6740-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6740-1 advisory. A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6742-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-1 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow...

Recover from Ransomware in 5 Minutes—We will Teach You How!

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest....

RHEL 7 : firefox (RHSA-2024:1910)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1910 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...