GeForce, Workstation, Compute Security Vulnerabilities

RHEL 7 : redis (RHSA-2019:2508)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2508 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

RHEL 7 : openstack-octavia (RHSA-2019:3788)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3788 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat...

RHEL 7 : openstack-ironic-inspector (RHSA-2019:1669)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1669 advisory. Nodes managed by Ironic may use the ironic-inspector auxiliary service to discover hardware properties. Hardware introspection or hardware properties.....

RHEL 6 / 7 : ror40-rubygem-activerecord (RHSA-2014:0877)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0877 advisory. rubygem-activerecord: SQL injection vulnerability in 'range' quoting (CVE-2014-3483) Note that Nessus has not tested for this issue but has...

RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2018:2511)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2511 advisory. postgresql: Memory disclosure in JSON functions (CVE-2017-15098) postgresql: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT...

RHEL 6 / 7 : rh-perl524-mod_perl (RHSA-2018:2826)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2826 advisory. mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess (CVE-2011-2767) Note that Nessus has...

RHEL 7 : rh-maven35-slf4j (RHSA-2018:0582)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0582 advisory. slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) Note that Nessus has not...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. QEMU: seccomp: blacklist is not applied to all threads (CVE-2018-15746) QEMU: rtl8139: integer overflow leads to buffer overflow...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3466 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1200)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1200 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1199)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1199 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-redis32-redis (RHSA-2019:1860)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1860 advisory. redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218) redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219) ...

RHEL 6 / 7 : rh-git29-git (RHSA-2018:2147)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2147 advisory. git: path sanity check in is_ntfs_dotgit() can read arbitrary memory (CVE-2018-11233) git: arbitrary code execution when recursively...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2822)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2822 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-nova (RHSA-2019:2631)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2631 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-nova (RHSA-2019:2622)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2622 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-ceilometer (RHSA-2019:0580)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0580 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...

RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016) (CVE-2016-5617, CVE-2016-6664) mysql: Server: Optimizer...

RHEL 6 / 7 : rh-postgresql96-postgresql (RHSA-2017:3405)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3405 advisory. postgresql: Start scripts permit database administrator to modify root-owned files (CVE-2017-12172, CVE-2017-15097) Note that...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:3729)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3729 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1645)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1645 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1686)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1686 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 6 / 7 : rh-mysql57-mysql (RHSA-2018:3655)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3655 advisory. mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) mysql: Server: Security: Privileges unspecified...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2018:1372)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1372 advisory. haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service (CVE-2018-10184) Note that Nessus...

RHEL 6 / 7 : rh-perl524-perl (RHSA-2019:0010)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0010 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...

RHEL 7 : openvswitch (RHSA-2019:0053)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0053 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. ...

RHEL 7 : rh-nginx112-nginx (RHSA-2018:3680)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3680 advisory. nginx: Excessive memory consumption via flaw in HTTP/2 implementation (CVE-2018-16843) nginx: Excessive CPU usage via flaw in HTTP/2...

RHEL 7 : openstack-keystone (RHSA-2018:2543)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2543 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....

RHEL 6 / 7 : httpd24 (RHSA-2017:3018)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3018 advisory. httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed) (CVE-2017-9798) Note that Nessus has not tested for this issue but has...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2018:2949)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2949 advisory. nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159) nodejs: Inspector DNS rebinding vulnerability...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2018:0587)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0587 advisory. mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562) mysql: Server: GIS unspecified vulnerability (CPU...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:1821)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1821 advisory. nodejs: HTTP request splitting (CVE-2018-12116) nodejs: Denial of Service with large HTTP headers (CVE-2018-12121) nodejs: Slowloris...

RHEL 7 : Red Hat OpenStack Platform director (RHSA-2018:1627)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1627 advisory. Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service...

RHEL 7 : ansible (RHSA-2019:0054)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0054 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 7 : openstack-neutron (RHSA-2018:3792)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3792 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main...

RHEL 7 : rh-postgresql10-postgresql (RHSA-2018:3757)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3757 advisory. postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING (CVE-2018-16850) Note that Nessus has not tested for this...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:3742)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3742 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : rh-ruby25-ruby (RHSA-2018:3731)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3731 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3471)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3471 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2363)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2363 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

CentOS 9 : kernel-5.14.0-437.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-437.el9 build changelog. In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6743-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-3 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...

RHEL 7 : thunderbird (RHSA-2024:1935)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fix(es): *...

RHEL 7 : instack-undercloud (RHSA-2017:2649)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:2649 advisory. instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack). The...

RHEL 6 / 7 / 8 / 9 : Satellite Client Async Security Update (Important) (RHSA-2024:2011)

The remote Redhat Enterprise Linux 6 / 7 / 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2011 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the...

RHEL 6 : openstack-keystone (RHSA-2014:0368)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0368 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted...

RHEL 6 : openstack-cinder (RHSA-2014:1787)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1787 advisory. OpenStack Block Storage (cinder) manages block storage mounting and the presentation of such mounted block storage to instances. The...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6742-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-2 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain...