HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 7 : opencv (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. opencv: out-of-bounds write error in the function FillColorRow4 (CVE-2017-12606) OpenCV 3.0.0 has a...

RHEL 7 : perltidy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perltidy: Uses current working directory without symlink-attack protection (CVE-2016-10374) Note that Nessus has not...

RHEL 8 : autotrace (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. autotrace: Out of bounds write when converting bmp image (CVE-2016-7392) Note that Nessus has not tested for this...

RHEL 5 : bash (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution (CVE-2016-7543) The...

RHEL 6 : tigervnc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tigervnc: SecurityServer and ClientServer memory leaks (CVE-2017-7396) In TigerVNC 1.7.1...

RHEL 5 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libcroco: Undefined behavior issue in cr_tknzr_parse_rgb function (CVE-2017-7961) The...

RHEL 5 : libxdmcp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libXdmcp: weak entropy usage for session keys (CVE-2017-2625) Note that Nessus has not tested for this issue but has...

RHEL 5 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. spamassassin: Local user code injection in the meta rule syntax (CVE-2018-11781) A denial of service...

RHEL 5 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. transfig: Buffer underwrite in read.c:get_line() via crafted FIG file (CVE-2018-16140) An array index...

RHEL 8 : nodejs-http-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-http-signature: HTTP header forgery (CVE-2017-16005) Note that Nessus has not tested for this issue but has...

RHEL 7 : unbound (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. unbound: command injection with data coming from a specially crafted IPSECKEY answer (CVE-2019-18934) A...

RHEL 6 : sane-backends (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. sane-backends: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server (CVE-2017-6318) ...

RHEL 6 : openexr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. OpenEXR: Out-of-bounds write in the = operator function (CVE-2017-9115) In OpenEXR 2.2.0, a crafted...

RHEL 7 : pulseaudio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pulseaudio: denial of service in module-rtp-recv (CVE-2014-3970) Note that Nessus has not tested for this issue but...

RHEL 6 : python33-python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python: missing boundary check in JSON module (CVE-2014-4616) Note that Nessus has not tested for this issue but has...

RHEL 7 : webkitgtk3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858) Late TLS certificate...

RHEL 6 : libcap-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. policycoreutils: local privilege escalation via seunshare (CVE-2014-3215) Note that Nessus has not tested for this...

RHEL 7 : dbus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dbus: denial of service in file descriptor passing feature (CVE-2014-3532) dbus: denial of service when...

RHEL 7 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gnutls: certificate algorithm consistency checking issue (CVE-2015-0294) gnutls: use-after-free flaw in...

RHEL 4 : qt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QT: BMP image handler crash (CVE-2015-0295) Note that Nessus has not tested for this issue but has instead relied on...

RHEL 6 : hplip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. hplip: hp-plugin verified binary download with short key ID (CVE-2015-0839) Note that Nessus has not tested for this...

RHEL 7 : patch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. patch: directory traversal via file rename (CVE-2015-1395) GNU patch 2.7.1 allows remote attackers to...

RHEL 6 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. batik: XML external entity processing vulnerability (CVE-2017-5662) batik: information disclosure when...

RHEL 6 : xerces-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. xerces-c: Use-after-free in heap on specially crafted XML input (CVE-2016-2099) internal/XMLReader.cpp...

RHEL 5 : libksba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libksba: integer underflow flaw leading to a heap-based buffer overflow in ksba_oid_to_str() ...

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. zsh: buffer overrun in symlinks (CVE-2017-18206) zsh before 5.0.7 allows evaluation of the initial...

RHEL 4 : libtiff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libtiff: Heap-buffer overflow due to TileSize calculation when parsing tiff files (CVE-2012-1173) Note that Nessus...

RHEL 6 : libgdata (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libgdata: Absent validation of SSL certificates (CVE-2012-1177) Note that Nessus has not tested for this issue but...

RHEL 6 : crypto-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. crypto-utils: insecure temporary file usage in genkey (CVE-2012-3504) Note that Nessus has not tested for this issue...

RHEL 6 : icu (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042) (CVE-2015-4844) icu: Double free in...

RHEL 7 : fontforge (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. fontforge: Command injetion in help function uiutil.c (CVE-2017-17521) FontForge 20161012 is vulnerable...

RHEL 5 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ...

RHEL 7 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

RHEL 7 : libvorbis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) The vorbis_analysis_wrote...

RHEL 6 : libvorbis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) The vorbis_analysis_wrote...

RHEL 6 : xdg-user-dirs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xdg-user-dirs, gnome-session: Xsession creation of XDG user directories does not honor system umask policy ...

RHEL 7 : httpclient (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) Note that...

RHEL 8 : ant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ant: insecure temporary file vulnerability (CVE-2020-1945) When reading a specially crafted TAR archive...

RHEL 7 : candlepin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) Note that...

RHEL 8 : glade (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glade: segmentation fault in glade_gtk_box_post_create() (CVE-2020-36774) Note that Nessus has not tested for this...

RHEL 8 : jbossweb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) Note that Nessus has not...

RHEL 7 : cyrus-sasl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. cyrus-sasl: denial of service in _sasl_add_string function (CVE-2019-19906) Note that Nessus has not tested for this...

RHEL 6 : json-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file (CVE-2020-12762) Note that...

RHEL 8 : velocity (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936) Note that Nessus has...

RHEL 8 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: corruption of intermediate language state of compiled regular expression due to integer overflow ...

RHEL 8 : perl-app-cpanminus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perl-App-cpanminus: Bypass of verification of signatures in CHECKSUMS files (CVE-2020-16154) Note that Nessus has...

RHEL 9 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nss: Information exposure when DH secret are reused across multiple TLS connections (CVE-2020-12413) Note that...

RHEL 8 : gcc-toolset-10-binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c (CVE-2021-20284) Note that...

RHEL 8 : 7.2_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: Information disclosure in exif_read_data() function (CVE-2020-7064) In PHP versions 7.2.x below...

RHEL 5 : iputils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. iputils: denial of service vulnerability in ping (CVE-2010-2529) Note that Nessus has not tested for this issue but...