HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 6 : python33-python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. python: missing boundary check in JSON module (CVE-2014-4616) Note that Nessus has not tested for this issue but has...

RHEL 7 : webkitgtk3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858) Late TLS certificate...

RHEL 6 : libcap-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. policycoreutils: local privilege escalation via seunshare (CVE-2014-3215) Note that Nessus has not tested for this...

RHEL 7 : dbus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dbus: denial of service in file descriptor passing feature (CVE-2014-3532) dbus: denial of service when...

RHEL 7 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gnutls: certificate algorithm consistency checking issue (CVE-2015-0294) gnutls: use-after-free flaw in...

RHEL 4 : qt (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. QT: BMP image handler crash (CVE-2015-0295) Note that Nessus has not tested for this issue but has instead relied on...

RHEL 6 : hplip (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. hplip: hp-plugin verified binary download with short key ID (CVE-2015-0839) Note that Nessus has not tested for this...

RHEL 6 : batik (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. batik: XML external entity processing vulnerability (CVE-2017-5662) batik: information disclosure when...

RHEL 6 : xerces-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. xerces-c: Use-after-free in heap on specially crafted XML input (CVE-2016-2099) internal/XMLReader.cpp...

RHEL 5 : libksba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libksba: integer underflow flaw leading to a heap-based buffer overflow in ksba_oid_to_str() ...

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. zsh: buffer overrun in symlinks (CVE-2017-18206) zsh before 5.0.7 allows evaluation of the initial...

RHEL 4 : libtiff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libtiff: Heap-buffer overflow due to TileSize calculation when parsing tiff files (CVE-2012-1173) Note that Nessus...

RHEL 6 : libgdata (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libgdata: Absent validation of SSL certificates (CVE-2012-1177) Note that Nessus has not tested for this issue but...

RHEL 6 : crypto-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. crypto-utils: insecure temporary file usage in genkey (CVE-2012-3504) Note that Nessus has not tested for this issue...

RHEL 6 : icu (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ICU: missing boundary checks in layout engine (OpenJDK 2D, 8132042) (CVE-2015-4844) icu: Double free in...

RHEL 5 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ...

RHEL 7 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

RHEL 7 : libvorbis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) The vorbis_analysis_wrote...

RHEL 6 : libvorbis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392) The vorbis_analysis_wrote...

RHEL 6 : xdg-user-dirs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xdg-user-dirs, gnome-session: Xsession creation of XDG user directories does not honor system umask policy ...

RHEL 7 : httpclient (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) Note that...

RHEL 8 : ant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ant: insecure temporary file vulnerability (CVE-2020-1945) When reading a specially crafted TAR archive...

RHEL 7 : candlepin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695) Note that...

RHEL 8 : glade (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. glade: segmentation fault in glade_gtk_box_post_create() (CVE-2020-36774) Note that Nessus has not tested for this...

RHEL 7 : cyrus-sasl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. cyrus-sasl: denial of service in _sasl_add_string function (CVE-2019-19906) Note that Nessus has not tested for this...

RHEL 6 : json-c (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. json-c, libfastjson: integer overflow and out-of-bounds write via a large JSON file (CVE-2020-12762) Note that...

RHEL 8 : velocity (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. velocity: arbitrary code execution when attacker is able to modify templates (CVE-2020-13936) Note that Nessus has...

RHEL 8 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl: corruption of intermediate language state of compiled regular expression due to integer overflow ...

RHEL 8 : perl-app-cpanminus (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. perl-App-cpanminus: Bypass of verification of signatures in CHECKSUMS files (CVE-2020-16154) Note that Nessus has...

RHEL 9 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nss: Information exposure when DH secret are reused across multiple TLS connections (CVE-2020-12413) Note that...

RHEL 8 : gcc-toolset-10-binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. binutils: Heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c (CVE-2021-20284) Note that...

RHEL 8 : 7.2_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: Information disclosure in exif_read_data() function (CVE-2020-7064) In PHP versions 7.2.x below...

RHEL 5 : iputils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. iputils: denial of service vulnerability in ping (CVE-2010-2529) Note that Nessus has not tested for this issue but...

RHEL 3 : squirrelmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. SquirrelMail: Mail Fetch plugin -- port-scans via non-standard POP3 server ports (CVE-2010-1637) ...

RHEL 5 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ruby: Command injection vulnerability in Net::FTP (CVE-2017-17405) ruby: OpenSSL::X509::Name equality...

RHEL 5 : file (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. file: out-of-bounds read in elf note headers (CVE-2014-3710) file: denial of service issue (resource...

RHEL 7 : jquery (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) Note that Nessus has not tested for this...

RHEL 7 : bluez (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bluez: heap-based buffer overflow via crafted request (CVE-2019-8922) Buffer overflow in BlueZ 5.41 and...

RHEL 8 : kernel (RHSA-2024:3528)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: NULL pointer dereference...

RHEL 9 : libtiff (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libtiff: heap-based use after free in tiff2pdf.c:t2p_writeproc (CVE-2017-17973) Out-of-bounds Read error...

RHEL 6 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. firefox: Possible integer overflow to fix inside XML_Parse in Expat (CVE-2016-9063) httpd: Weak Digest...

RHEL 5 : firefox (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Malicious Extension could obtain auth codes from OAuth login flows (CVE-2020-6823) Mozilla...

RHEL 6 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libreoffice: Multiple out-of-bounds overflows in lwp filter (CVE-2016-0795) libreoffice: heap-based...

RHEL 7 : apache-commons-compress (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive ...

RHEL 9 : xerces-j2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. xerces-j2: infinite loop when handling specially crafted XML document payloads (CVE-2022-23437) Note that Nessus has...

RHEL 5 : kernel-xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. xsa155 xen: paravirtualized drivers incautious about shared memory contents (XSA-155) (CVE-2015-8550) ...

RHEL 8 : redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. redis: Code injection via Lua script execution environment (CVE-2022-24735) redis: heap overflow in the...

RHEL 8 : ovn2.13 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ovn: service monitor MAC flow is not rate limited (CVE-2023-3153) Note that Nessus has not tested for this issue but...

RHEL 8 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c (CVE-2021-39537) In ncurses 6.1,...

RHEL 8 : libguestfs-winsupport (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array ...