HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 8 : jbossweb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) Note that Nessus has not...

RHEL 8 : gcc-toolset-10-binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c (CVE-2021-20284) Note that...

RHEL 8 : numpy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. numpy: incomplete string comparison in the numpy.core component (CVE-2021-34141) numpy: buffer overflow...

RHEL 7 : lvm2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. lvm2: memory leak in vg_lookup in daemons/lvmetad/lvmetad-core.c (CVE-2020-8991) Note that Nessus has not tested for...

SUSE: Security Advisory (SUSE-SU-2024:1874-1)

The remote host is missing an update for...

RHEL 5 : microcode_ctl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. hw: Intel SGX information leak (CVE-2019-0117) Improper conditions check in the voltage modulation...

RHEL 8 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. qpdf: Heap use after free in Pl_ASCII85Decoder::write (CVE-2021-25786) qpdf: heap-based buffer overflow...

RHEL 6 : net-snmp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service...

RHEL 6 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) Note that Nessus...

RHEL 7 : python-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-pip: when --extra-index-url option is used and package does not already exist in the public...

RHEL 6 : xulrunner (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) Note that Nessus has not tested...

RHEL 5 : xulrunner (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) Note that Nessus has not tested...

RHEL 8 : patch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. patch: Invalid Pointer via another_hunk function (CVE-2021-45261) GNU patch through 2.7.6 contains a...

RHEL 7 : graphite2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. graphite2: NULL pointer dereference in Segment.cpp in libgraphite2 (CVE-2018-7999) Note that Nessus has not tested...

RHEL 8 : sysstat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sysstat: Out-of-bounds read in remap_struct function in sa_common.c (CVE-2018-19416) An issue was...

RHEL 8 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tcpdump: Buffer overflow in the -F command line argument parser (CVE-2018-16301) Note that Nessus has not tested for...

RHEL 9 : cogl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. stb_image: heap-based buffer overflow (CVE-2021-37789) Note that Nessus has not tested for this issue but has...

RHEL 9 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

RHEL 7 : candlepin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) Note that...

RHEL 6 : json-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file (CVE-2020-12762) Note that...

RHEL 7 : httpclient (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) Note that...

RHEL 9 : pywbem (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. m2crypto: Bleichenbacher timing attacks in the RSA decryption API - incomplete fix for CVE-2020-25657 ...

RHEL 6 : sane-backends (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. sane-backends: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server (CVE-2017-6318) ...

RHEL 8 : nodejs-http-signature (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-http-signature: HTTP header forgery (CVE-2017-16005) Note that Nessus has not tested for this issue but has...

RHEL 7 : nspr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nspr: Memory allocation issue related to PR_*printf functions (CVE-2016-1951) Note that Nessus has not tested for...

RHEL 6 : nspr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nspr: Memory allocation issue related to PR_*printf functions (CVE-2016-1951) Note that Nessus has not tested for...

RHEL 5 : libcroco (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libcroco: Undefined behavior issue in cr_tknzr_parse_rgb function (CVE-2017-7961) The...

RHEL 7 : p11-kit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c (CVE-2020-29362) ...

RHEL 8 : 7.2_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: Information disclosure in exif_read_data() function (CVE-2020-7064) In PHP versions 7.2.x below...

RHEL 9 : maven (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. maven: Block repositories using http by default (CVE-2021-26291) Note that Nessus has not tested for this issue but...

RHEL 7 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...

RHEL 8 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: Session fixation when using FORM authentication (CVE-2019-17563) tomcat: JsonErrorReportValve...

RHEL 6 : libxcursor (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c (CVE-2015-9262) ...

RHEL 6 : mod_auth_mellon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_auth_mellon: open redirect in logout url when using URLs with backslashes (CVE-2019-3877) The...

RHEL 8 : ovn2.13 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ovn: service monitor MAC flow is not rate limited (CVE-2023-3153) Note that Nessus has not tested for this issue but...

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. redis: Code injection via Lua script execution environment (CVE-2022-24735) redis: heap overflow in the...

RHEL 6 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: heap buffer overflow in pp_pack.c (CVE-2018-6913) Perl 5.10.x allows context-dependent attackers...

RHEL 5 : kernel-xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. xsa155 xen: paravirtualized drivers incautious about shared memory contents (XSA-155) (CVE-2015-8550) ...

RHEL 8 : kernel (RHSA-2024:3528)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...

RHEL 9 : xerces-j2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437) Note that Nessus has...

RHEL 7 : libssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135) Note that Nessus...

RHEL 6 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: Possible integer overflow to fix inside XML_Parse in Expat (CVE-2016-9063) httpd: Weak Digest...

RHEL 5 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Malicious Extension could obtain auth codes from OAuth login flows (CVE-2020-6823) Mozilla...

RHEL 9 : ovmf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: AES OCB fails to encrypt some bytes (CVE-2022-2097) openssl: timing attack in RSA Decryption...

RHEL 5 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. binutils: heap-based buffer overflow in finish_stab in stabs.c (CVE-2018-12699) The srec_scan function...

RHEL 6 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libreoffice: Multiple out-of-bounds overflows in lwp filter (CVE-2016-0795) libreoffice: heap-based...

RHEL 5 : libwmf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gd: additional overflows (CVE-2004-0941) libwmf: Memory allocation failure in wmf_malloc...

RHEL 6 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-semver: Regular expression denial of service (CVE-2022-25883) Note that Nessus has not tested for this issue...

RHEL 8 : qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682) The ahci_commit_buf...

RHEL 8 : exiv2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exiv2: buffer overflow in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp ...