HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 9 : dotnet6.0 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881) Note that Nessus...

RHEL 9 : python-configobj (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-configobj: Regular expression denial of service exists in ./src/configobj/validate.py (CVE-2023-26112) ...

RHEL 9 : edk2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650) Note that Nessus has not tested for this...

RHEL 4 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. httpd information disclosure in FileEtag (CVE-2003-1418) httpd: HTTP request smuggling attack against...

RHEL 4 : tog-pegasus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tog-pegasus: xml hash table collision CPU usage DoS (CVE-2011-4967) Note that Nessus has not tested for this issue...

RHEL 8 : yasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. yasm: SEGV in yasm/libyasm/intnum.c in function yasm_intnum_copy() (CVE-2023-37732) Note that Nessus has not tested...

RHEL 9 : pgjdbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE (CVE-2024-1597) ...

RHEL 9 : elfutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c ...

RHEL 6 : xulrunner (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) Note that Nessus has not tested...

RHEL 5 : xulrunner (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) Note that Nessus has not tested...

RHEL 5 : yum-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Nessus has...

RHEL 7 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. spamassassin: Malicious rule configuration files can be configured to run system commands...

RHEL 6 : libcgroup (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libcgroup: cgrulesengd creates log files with insecure permissions (CVE-2018-14348) Note that Nessus has not tested...

RHEL 8 : sysstat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sysstat: Out-of-bounds read in remap_struct function in sa_common.c (CVE-2018-19416) An issue was...

RHEL 8 : tcpdump (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tcpdump: Buffer overflow in the -F command line argument parser (CVE-2018-16301) Note that Nessus has not tested for...

RHEL 7 : python-pip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-pip: when --extra-index-url option is used and package does not already exist in the public...

RHEL 8 : patch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. patch: Invalid Pointer via another_hunk function (CVE-2021-45261) GNU patch through 2.7.6 contains a...

RHEL 6 : evolution-data-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. evolution-data-server: Unsafe use of strcat allows buffer overflow in addressbook/backends/ldap/e-book- ...

RHEL 8 : file (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. file: out-of-bounds read in do_core_note in readelf.c (CVE-2019-8906) do_core_note in readelf.c in...

RHEL 8 : qpdf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. qpdf: Heap use after free in Pl_ASCII85Decoder::write (CVE-2021-25786) qpdf: heap-based buffer overflow...

RHEL 6 : net-snmp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service...

RHEL 6 : python-requests (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) Note that Nessus...

RHEL 9 : ovn2.13 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ovn: service monitor MAC flow is not rate limited (CVE-2023-3153) Note that Nessus has not tested for this issue but...

RHEL 7 : ovn2.13 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ovn: service monitor MAC flow is not rate limited (CVE-2023-3153) Note that Nessus has not tested for this issue but...

RHEL 6 : jackson-databind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jackson-databind: denial of service via cylic dependencies (CVE-2023-35116) Note that Nessus has not tested for this...

RHEL 9 : libyang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libyang: NULL pointer dereference via lysp_stmt_validate_value at lys_parse_mem.c (CVE-2023-26917) Note that Nessus...

RHEL 6 : janino (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. janino: DoS in expression evaluator.guess parameter name method (CVE-2023-33546) Note that Nessus has not tested for...

RHEL 7 : 8.2_qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QEMU: e1000e: infinite loop scenario in case of null packet descriptor (CVE-2020-28916) Note that Nessus has not...

RHEL 7 : p11-kit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c (CVE-2020-29362) ...

RHEL 9 : pywbem (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. m2crypto: Bleichenbacher timing attacks in the RSA decryption API - incomplete fix for CVE-2020-25657 ...

RHEL 7 : tigervnc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tigervnc: certificate exceptions stored as authorities (CVE-2020-26117) Note that Nessus has not tested for this...

RHEL 8 : dbus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour (CVE-2020-35512) Note...

RHEL 8 : mcpp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mcpp: heap based buffer overflow in function do_msg() in support.c (CVE-2019-14274) Note that Nessus has not tested...

RHEL 8 : libdwarf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libdwarf: division by zero in dwarf_elf_load_headers.c leading to DoS (CVE-2019-14249) libdwarf: NULL...

RHEL 7 : graphite2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. graphite2: NULL pointer dereference in Segment.cpp in libgraphite2 (CVE-2018-7999) Note that Nessus has not tested...

RHEL 9 : cogl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. stb_image: heap-based buffer overflow (CVE-2021-37789) Note that Nessus has not tested for this issue but has...

RHEL 7 : lvm2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. lvm2: memory leak in vg_lookup in daemons/lvmetad/lvmetad-core.c (CVE-2020-8991) Note that Nessus has not tested for...

RHEL 9 : maven (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. maven: Block repositories using http by default (CVE-2021-26291) Note that Nessus has not tested for this issue but...

RHEL 5 : xmlrpc-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences (CVE-2009-3560) Note that...

RHEL 4 : groff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. groff: improper handling of failed attempts to create temporary directories in eqn2graph/pic2graph/grap2graph...

RHEL 6 : luci (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. plone: Header injection (CVE-2015-7318) Cross-site scripting (XSS) vulnerability in ZMI pages that use...

RHEL 7 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960) ...

RHEL 5 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Heap overflow in zipimporter module (CVE-2016-5636) python: Integer overflow in...

RHEL 5 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. LibRaw: Index overflow in smal_decode_segment (CVE-2015-8366) Unspecified vulnerability in dcraw 0.8.x...

RHEL 6 : tog-pegasus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. tog-pegasus: xml hash table collision CPU usage DoS (CVE-2011-4967) Note that Nessus has not tested for this issue...

RHEL 4 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. expat: Memory leak in poolGrow (CVE-2012-1148) The XML parser (xmlparse.c) in expat before 2.1.0...

RHEL 5 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wpa_supplicant: local configuration update allows privilege escalation (CVE-2016-4477) wpa_supplicant:...

RHEL 6 : xmlrpc3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. XML-RPC SAX parser information exposure (CVE-2011-3600) Note that Nessus has not tested for this issue but has...

RHEL 5 : radvd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. radvd: numerous buffer overread flaws in process_ra() may lead to crash (CVE-2011-3604) radvd: temporary...

RHEL 5 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libreoffice: multiple null pointer dereference flaws (CVE-2012-4233) openoffice: Arbitrary file...