HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 7 : rpm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. file: Buffer over-write in finfo_open with malformed magic file (CVE-2015-8865) rpm: Following symlinks...

RHEL 6 : unzip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution ...

RHEL 7 : squashfs-tools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squashfs-tools: possible Directory Traversal via symbolic link (CVE-2021-41072) Integer overflow in the...

RHEL 6 : perl-libwww-perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-libwww-perl: multiple HTTP client download filename vulnerability [OCERT 2010-001] (CVE-2010-2253) ...

RHEL 5 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: Out of bounds heap read in jpc_dec_decodepkt (CVE-2017-6852) The jas_malloc function in...

RHEL 5 : dnsmasq (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks (CVE-2012-3411) dnsmasq:...

RHEL 6 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ...

RHEL 6 : consolekit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ConsoleKit: Policy restrictions break-out via remote Virtual Network Computing (VNC) session (CVE-2010-4664) ...

RHEL 4 : server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. OpenJDK Font processing vulnerability (6733336) (CVE-2008-5356) OpenJDK Truetype Font processing...

RHEL 8 : resteasy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. RESTEasy: PathParam in RESTEasy can lead to a reflected XSS attack (CVE-2021-20293) In RESTEasy the...

RHEL 7 : poppler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. poppler: heap buffer overflow in ExponentialFunction (CVE-2015-8868) poppler: recursive function call in...

RHEL 4 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bind: deleted domain name resolving flaw (CVE-2012-1033) bind: malformed signature records for DNAME...

RHEL 4 : lha (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. multiple vulnerabilities in lha (CVE-2006-4336, CVE-2006-4337) Array index error in the make_table...

RHEL 5 : libxv (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407) ...

RHEL 5 : libxrender (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...

RHEL 5 : libxi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXi: Multiple Array Index error leading to heap-based OOB write (CVE-2013-1998) libXi: Insufficient...

RHEL 6 : libexif (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libexif: Out-of-bounds heap read in exif_data_save_data_entry function (CVE-2017-7544) A vulnerability...

RHEL 8 : butane (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705) Uncontrolled...

RHEL 8 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tcpdump: Buffer overflow in the -F command line argument parser (CVE-2018-16301) Note that Nessus has not tested for...

RHEL 6 : fetchmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. fetchmail: DoS (crash) in the base64 decoder upon server NTLM protocol exchange abort right after the ...

RHEL 4 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. httpd information disclosure in FileEtag (CVE-2003-1418) httpd: HTTP request smuggling attack against...

RHEL 5 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wpa_supplicant: local configuration update allows privilege escalation (CVE-2016-4477) wpa_supplicant:...

RHEL 7 : python-twisted (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-twisted: XMPP support in words.protocols.jabber.xmlstream in Twisted does not verify certificates ...

RHEL 7 : rhn-client-tools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. rhn-setup: rhnreg_ks fails to properly validate SSL/TLS certificates (CVE-2015-1777) Note that Nessus has not tested...

RHEL 7 : jackson-databind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525) A...

RHEL 9 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c (CVE-2021-45078) In GNU Binutils...

RHEL 9 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190) Note that Nessus has not tested for this...

RHEL 8 : mesa (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mesa: security bypass in 3D library graphics (CVE-2019-5068) Note that Nessus has not tested for this issue but has...

RHEL 9 : nodejs:18 (RHSA-2024:3544)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3544 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. ...

RHEL 8 : gd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038) gd_gif_in.c in the GD Graphics...

RHEL 9 : nginx (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication ...

RHEL 8 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp ...

RHEL 9 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: local privileges escalation in kernel/bpf/verifier.c (CVE-2022-23222) Kernel: use-after-free in...

RHEL 8 : vino (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvncserver: information disclosure and ASLR bypass (CVE-2019-15681) libvncserver: libvncserver/rre.c...

RHEL 7 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. binutils: heap-based buffer overflow in finish_stab in stabs.c (CVE-2018-12699) The...

RHEL 8 : libarchive (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c ...

RHEL 5 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c ...

RHEL 7 : Red Hat Single Sign-On 7.6.9 security update on RHEL 7 (Low) (RHSA-2024:3566)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3566 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on...

RHEL 7 : v8 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. V8: integer overflow leading to buffer overflow in Zone::New (CVE-2016-1669) Note that Nessus has not tested for...

RHEL 8 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: decodearr() can write beyond its buffer limit (CVE-2018-7183) ntpd in ntp 4.2.x before 4.2.8p7 and...

RHEL 7 : jasperreports-server-pro (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for...

RHEL 6 : sqlite (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sqlite: Heap-buffer overflow in the getNodeSize function (CVE-2017-10989) os_unix.c in SQLite before...

RHEL 7 : camel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. hibernate-validator: Privilege escalation when running under the security manager (CVE-2017-7536) Note that Nessus...

RHEL 7 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla NSS: Errors in mp_div and mp_exptmod cryptographic functions (CVE-2016-1938) SSL/TLS: Birthday...

RHEL 8 : kibana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) mixin-deep is vulnerable to...

RHEL 6 : ldns (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ldns: Memory corruption in ldns_rr_new_frm_fp_l (CVE-2017-1000231) The ldns-keygen tool in ldns 1.6.x...

RHEL 7 : wavpack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10536) The read_code function...

RHEL 8 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_security_crs: Content-Type or Content-Transfer-Encoding MIME header fields abuse (CVE-2022-39956) ...

RHEL 6 : inkscape (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. inkscape: XXE via SVG rasterization (CVE-2012-5656) inkscape: Reads .eps files from /tmp instead of...