HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 9 : netty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. netty: SniHandler 16MB allocation leads to OOM (CVE-2023-34462) Note that Nessus has not tested for this issue but...

RHEL 7 : wavpack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10536) The read_code function...

RHEL 6 : keepalived (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or ...

RHEL 5 : libxxf86dga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXxf86dga: Array Index error leading to heap-based OOB write (CVE-2013-2000) Multiple integer...

RHEL 6 : inkscape (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. inkscape: XXE via SVG rasterization (CVE-2012-5656) inkscape: Reads .eps files from /tmp instead of...

RHEL 8 : kibana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) mixin-deep is vulnerable to...

RHEL 6 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Type confusion for special arguments in IonMonkey (CVE-2020-15656) Mozilla: Malicious Extension...

RHEL 6 : rdesktop (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. rdesktop: Remote code execution in ui_clip_handle_data (CVE-2018-8800) rdesktop versions up to and...

RHEL 7 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c ...

RHEL 5 : netpbm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009) ...

RHEL 7 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php: Heap-based...

RHEL 6 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...

RHEL 5 : libxv (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407) ...

RHEL 5 : libxi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXi: Multiple Array Index error leading to heap-based OOB write (CVE-2013-1998) libXi: Insufficient...

RHEL 5 : libxrender (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...

RHEL 4 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bind: deleted domain name resolving flaw (CVE-2012-1033) bind: malformed signature records for DNAME...

RHEL 9 : odo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) Note that...

RHEL 6 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...

RHEL 8 : 8.3_qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: intel-hda: segmentation fault due to stack overflow (CVE-2021-3611) Note that Nessus has not tested for this...

RHEL 8 : jboss-on (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: use of deeply nested arrays (CVE-2022-42004) jackson-databind 2.10.x through 2.12.x...

RHEL 9 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

RHEL 6 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: denial of service by trigerring rate limiting on NTP server (CVE-2015-7705) The monlist feature in...

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel:...

RHEL 8 : qs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. express: qs prototype poisoning causes the hang of the node process (CVE-2022-24999) Note that Nessus has not tested...

RHEL 5 : mingw-virt-viewer (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gstreamer-plugins-good: Heap buffer overflow in FLIC decoder (CVE-2016-9636) The...

RHEL 9 : httl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998) Note that Nessus has not tested for...

RHEL 7 : glib2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c ...

RHEL 6 : mod_nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mod_nss: Invalid handling of +CIPHER operator (CVE-2016-3099) Note that Nessus has not tested for this issue but has...

RHEL 6 : mysql55-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql: unspecified vulnerability in subcomponent: Server: Option (CPU July 2016) (CVE-2016-3471) mysql:...

RHEL 5 : mysql55-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql: general_log can write to configuration files, leading to privilege escalation (CPU Oct 2016) ...

RHEL 8 : postgresql-jdbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) A weakness...

RHEL 8 : perl-dbi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-dbi: Buffer overflow on an overlong DBD class name (CVE-2020-14393) An issue was discovered in the...

RHEL 8 : mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mysql: pid file can be created in a world-writeable directory (CPU Apr 2018) (CVE-2018-2773) Note that Nessus has...

RHEL 7 : python-gevent (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-gevent: privilege escalation via a crafted script to the WSGIServer component (CVE-2023-41419) Note that...

RHEL 8 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945) The OCI...

RHEL 8 : libvncserver (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019) ...

RHEL 4 : quota (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. quota: incorrect use of tcp_wrappers (CVE-2012-3417) Note that Nessus has not tested for this issue but has instead...

RHEL 6 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c ...

RHEL 5 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution ...

RHEL 8 : glib-networking (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glib-networking: GTlsClientConnection silently ignores unset server identity (CVE-2020-13645) Note that Nessus has...

RHEL 8 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. transfig: Buffer underwrite in read.c:get_line() via crafted FIG file (CVE-2018-16140) Xfig fig2dev...

RHEL 8 : av_libtpms (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libtpms: RSA keys weaker than expected (CVE-2021-3505) tpm: TCG TPM2.0 implementations vulnerable to...

RHEL 8 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

RHEL 8 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: Session fixation when using FORM authentication (CVE-2019-17563) tomcat: JsonErrorReportValve...

RHEL 7 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...

RHEL 6 : libxcursor (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c (CVE-2015-9262) ...

RHEL 6 : mod_auth_mellon (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_auth_mellon: open redirect in logout url when using URLs with backslashes (CVE-2019-3877) The...

RHEL 9 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: infinite loop in xhci_ring_chain_length() in hw/usb/hcd-xhci.c (CVE-2020-14394) Note that Nessus has not...

RHEL 9 : mcg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723) Note that Nessus has...