RHEL 9 : netty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. netty: SniHandler 16MB allocation leads to OOM (CVE-2023-34462) Note that Nessus has not tested for this issue but...
CVSS: 6.5
AI Score: 6.8
EPSS: 0.001
RHEL 7 : wavpack (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10536) The read_code function...
CVSS: 7.8
AI Score: 7.7
EPSS: 0.004
RHEL 6 : keepalived (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or ...
CVSS: 9.8
AI Score: 8.8
EPSS: 0.013
RHEL 5 : libxxf86dga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXxf86dga: Array Index error leading to heap-based OOB write (CVE-2013-2000) Multiple integer...
AI Score: 7.5
EPSS: 0.015
RHEL 6 : inkscape (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. inkscape: XXE via SVG rasterization (CVE-2012-5656) inkscape: Reads .eps files from /tmp instead of...
CVSS: 5.5
AI Score: 7.4
EPSS: 0.001
RHEL 8 : kibana (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) mixin-deep is vulnerable to...
CVSS: 9.8
AI Score: 9.9
EPSS: 0.005
RHEL 6 : firefox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Type confusion for special arguments in IonMonkey (CVE-2020-15656) Mozilla: Malicious Extension...
CVSS: 9.8
AI Score: 7.8
EPSS: 0.012
RHEL 6 : rdesktop (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. rdesktop: Remote code execution in ui_clip_handle_data (CVE-2018-8800) rdesktop versions up to and...
CVSS: 9.8
AI Score: 9.5
EPSS: 0.141
RHEL 7 : imagemagick (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c ...
CVSS: 9.8
AI Score: 8
EPSS: 0.242
RHEL 5 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009) ...
CVSS: 7.8
AI Score: 8.1
EPSS: 0.425
RHEL 7 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php: Heap-based...
CVSS: 9.8
AI Score: 9.7
EPSS: 0.921
RHEL 6 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
CVSS: 9.8
AI Score: 6.5
EPSS: 0.969
RHEL 5 : libxv (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXv: Insufficient validation of server responses results in out-of-bounds accesses (CVE-2016-5407) ...
CVSS: 9.8
AI Score: 10
EPSS: 0.011
RHEL 5 : libxi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXi: Multiple Array Index error leading to heap-based OOB write (CVE-2013-1998) libXi: Insufficient...
CVSS: 7.5
AI Score: 8.9
EPSS: 0.014
RHEL 5 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results in out-of-bounds write in...
CVSS: 9.8
AI Score: 10
EPSS: 0.014
RHEL 4 : bind (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bind: deleted domain name resolving flaw (CVE-2012-1033) bind: malformed signature records for DNAME...
CVSS: 8.6
AI Score: 7.8
EPSS: 0.973
RHEL 9 : odo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) Note that...
CVSS: 6.5
AI Score: 7.4
EPSS: 0.002
RHEL 6 : nasm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...
CVSS: 7.8
AI Score: 8.3
EPSS: 0.005
RHEL 7 : coreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...
CVSS: 6.5
AI Score: 6.3
EPSS: 0.018
RHEL 8 : 8.3_qemu-kvm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: intel-hda: segmentation fault due to stack overflow (CVE-2021-3611) Note that Nessus has not tested for this...
CVSS: 6.5
AI Score: 7
EPSS: 0.001
RHEL 8 : jboss-on (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: use of deeply nested arrays (CVE-2022-42004) jackson-databind 2.10.x through 2.12.x...
CVSS: 7.5
AI Score: 8.1
EPSS: 0.003
RHEL 9 : libbpf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...
CVSS: 6.5
AI Score: 7.2
EPSS: 0.001
RHEL 6 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: denial of service by triggering rate limiting on NTP server (CVE-2015-7705) The monlist feature in...
CVSS: 9.8
AI Score: 9.1
EPSS: 0.967
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel:...
CVSS: 9.8
AI Score: 7.8
EPSS
RHEL 8 : qs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. express: qs prototype poisoning causes the hang of the node process (CVE-2022-24999) Note that Nessus has not tested...
CVSS: 7.5
AI Score: 7.3
EPSS: 0.01
RHEL 5 : mingw-virt-viewer (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gstreamer-plugins-good: Heap buffer overflow in FLIC decoder (CVE-2016-9636) The...
CVSS: 9.8
AI Score: 8.9
EPSS: 0.015
RHEL 9 : httl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998) Note that Nessus has not tested for...
CVSS: 7.5
AI Score: 7.3
EPSS: 0.034
RHEL 7 : glib2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c ...
CVSS: 9.8
AI Score: 9.2
EPSS: 0.023
RHEL 6 : mod_nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mod_nss: Invalid handling of +CIPHER operator (CVE-2016-3099) Note that Nessus has not tested for this issue but has...
CVSS: 7.5
AI Score: 7.6
EPSS: 0.005
RHEL 6 : mysql55-mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql: unspecified vulnerability in subcomponent: Server: Option (CPU July 2016) (CVE-2016-3471) mysql:...
CVSS: 7.5
AI Score: 5.4
EPSS: 0.005
RHEL 5 : mysql55-mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql: general_log can write to configuration files, leading to privilege escalation (CPU Oct 2016) ...
CVSS: 7.5
AI Score: 6.2
EPSS: 0.009
RHEL 8 : postgresql-jdbc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes (CVE-2022-21724) A weakness...
CVSS: 9.8
AI Score: 8.6
EPSS: 0.018
RHEL 8 : perl-dbi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-dbi: Buffer overflow on an overlong DBD class name (CVE-2020-14393) An issue was discovered in the...
CVSS: 7.1
AI Score: 8.1
EPSS: 0.001
RHEL 8 : mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mysql: pid file can be created in a world-writeable directory (CPU Apr 2018) (CVE-2018-2773) Note that Nessus has...
CVSS: 4.1
AI Score: 7.6
EPSS: 0.0005
RHEL 7 : python-gevent (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-gevent: privilege escalation via a crafted script to the WSGIServer component (CVE-2023-41419) Note that...
CVSS: 9.8
AI Score: 7.5
EPSS: 0.002
RHEL 8 : cri-o (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945) The OCI...
CVSS: 7.5
AI Score: 5.8
EPSS: 0.012
RHEL 8 : libvncserver (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019) ...
CVSS: 9.8
AI Score: 8.5
EPSS: 0.143
RHEL 4 : quota (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. quota: incorrect use of tcp_wrappers (CVE-2012-3417) Note that Nessus has not tested for this issue but has instead...
AI Score: 6.6
EPSS: 0.005
RHEL 6 : jasper (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: heap-based buffer over-read of size 8 in jas_image_depalettize in libjasper/base/jas_image.c ...
CVSS: 7.5
AI Score: 7.7
EPSS: 0.035
RHEL 5 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution ...
CVSS: 9.8
AI Score: 10
EPSS
RHEL 8 : glib-networking (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glib-networking: GTlsClientConnection silently ignores unset server identity (CVE-2020-13645) Note that Nessus has...
CVSS: 6.5
AI Score: 9.5
EPSS: 0.006
RHEL 8 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. transfig: Buffer underwrite in read.c:get_line() via crafted FIG file (CVE-2018-16140) Xfig fig2dev...
CVSS: 5.5
AI Score: 7.2
EPSS: 0.002
RHEL 8 : av_libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libtpms: RSA keys weaker than expected (CVE-2021-3505) tpm: TCG TPM2.0 implementations vulnerable to...
CVSS: 7.8
AI Score: 7.7
EPSS: 0.001
RHEL 8 : libbpf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...
CVSS: 6.5
AI Score: 7.2
EPSS: 0.001
RHEL 8 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. tomcat: Session fixation when using FORM authentication (CVE-2019-17563) tomcat: JsonErrorReportValve...
CVSS: 7.5
AI Score: 9.2
EPSS: 0.912
RHEL 7 : evolution-data-server (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in...
CVSS: 5.9
AI Score: 8.8
EPSS: 0.004
RHEL 6 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c (CVE-2015-9262) ...
CVSS: 9.8
AI Score: 8
EPSS: 0.045
RHEL 6 : mod_auth_mellon (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_auth_mellon: open redirect in logout url when using URLs with backslashes (CVE-2019-3877) The...
CVSS: 7.5
AI Score: 7.4
EPSS: 0.008
RHEL 9 : xen (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: infinite loop in xhci_ring_chain_length() in hw/usb/hcd-xhci.c (CVE-2020-14394) Note that Nessus has not...
CVSS: 3.2
AI Score: 5.3
EPSS: 0.001
RHEL 9 : mcg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723) Note that Nessus has...
CVSS: 7.5
AI Score: 7.8
EPSS: 0.024