HP LaserJet Enterprise Printers, HP PageWide Enterprise Printers, HP LaserJet Managed Printers, HP OfficeJet Enterprise Printers Security Vulnerabilities

RHEL 8 : libguestfs-winsupport (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array ...

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.17 Security update (Important) (RHSA-2024:3560)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3560 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This...

RHEL 9 : sendmail (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. sendmail: SMTP smuggling vulnerability (CVE-2023-51765) Note that Nessus has not tested for this issue but has...

RHEL 8 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960) Expat...

RHEL 8 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. apache-ivy: XML External Entity vulnerability (CVE-2022-46751) Note that Nessus has not tested for this issue but...

RHEL 7 : libssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135) Note that Nessus...

RHEL 8 : qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. QEMU: usbredir: free() call on invalid pointer in bufp_alloc() (CVE-2021-3682) The ahci_commit_buf...

RHEL 6 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. nodejs-semver: Regular expression denial of service (CVE-2022-25883) Note that Nessus has not tested for this issue...

RHEL 8 : exiv2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. exiv2: buffer overflow in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp ...

RHEL 7 : rh-dotnet21-curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. curl: Glob parser write/read out of bounds (CVE-2016-8620) Use-after-free vulnerability in libcurl...

RHEL 8 : av_libnbd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. libnbd: Crash or misbehaviour when NBD server returns an unexpected block size (CVE-2023-5215) Note that Nessus has...

RHEL 5 : libwmf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gd: additional overflows (CVE-2004-0941) libwmf: Memory allocation failure in wmf_malloc...

RHEL 8 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: decodearr() can write beyond its buffer limit (CVE-2018-7183) ntpd in ntp 4.2.x before 4.2.8p7 and...

RHEL 8 : libarchive (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libarchive: heap-based buffer overflow in archive_string_append_from_wcs function in archive_string.c ...

RHEL 5 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c ...

RHEL 9 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. binutils: out-of-bounds write in stab_xcoff_builtin_type() in stabs.c (CVE-2021-45078) In GNU Binutils...

RHEL 8 : dcraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp ...

RHEL 9 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190) Note that Nessus has not tested for this...

RHEL 6 : sqlite (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sqlite: Heap-buffer overflow in the getNodeSize function (CVE-2017-10989) os_unix.c in SQLite before...

RHEL 6 : gradle (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gradle: Possible local text file exfiltration by XML External entity injection (CVE-2023-42445) gradle:...

RHEL 7 : bison (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bison: allows attackers to cause a denial of service (CVE-2020-14150) Rejected reason: DO NOT USE THIS...

RHEL 7 : nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla NSS: Errors in mp_div and mp_exptmod cryptographic functions (CVE-2016-1938) SSL/TLS: Birthday...

RHEL 8 : aspell (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. aspell: UCS-2 and UCS-4 null-terminated string handling OOB read (CVE-2019-20433) libaspell.a in GNU...

RHEL 5 : flash-plugin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. flash-plugin: multiple code execution issues fixed in APSB17-07 (CVE-2017-3003) Unspecified...

RHEL 9 : grafana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. grafana: session control failure may lead to information disclosure (CVE-2022-32275) protobufjs:...

RHEL 8 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mod_security_crs: Content-Type or Content-Transfer-Encoding MIME header fields abuse (CVE-2022-39956) ...

RHEL 6 : ldns (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ldns: Memory corruption in ldns_rr_new_frm_fp_l (CVE-2017-1000231) The ldns-keygen tool in ldns 1.6.x...

RHEL 7 : camel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. hibernate-validator: Privilege escalation when running under the security manager (CVE-2017-7536) Note that Nessus...

RHEL 9 : netty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. netty: SniHandler 16MB allocation leads to OOM (CVE-2023-34462) Note that Nessus has not tested for this issue but...

RHEL 7 : wavpack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c (CVE-2018-10536) The read_code function...

RHEL 6 : keepalived (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or ...

RHEL 5 : libxxf86dga (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXxf86dga: Array Index error leading to heap-based OOB write (CVE-2013-2000) Multiple integer...

RHEL 6 : inkscape (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. inkscape: XXE via SVG rasterization (CVE-2012-5656) inkscape: Reads .eps files from /tmp instead of...

RHEL 8 : kibana (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nodejs-set-value: prototype pollution in function set-value (CVE-2019-10747) mixin-deep is vulnerable to...

RHEL 7 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c ...

RHEL 5 : netpbm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009) ...

RHEL 7 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php: Heap-based...

RHEL 6 : php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...

RHEL 5 : libxv (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXv: Insufficient validation of server responses results in out-of bounds accesses (CVE-2016-5407) ...

RHEL 5 : libxi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXi: Multiple Array Index error leading to heap-based OOB write (CVE-2013-1998) libXi: Insufficient...

RHEL 5 : libxrender (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...

RHEL 4 : bind (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. bind: deleted domain name resolving flaw (CVE-2012-1033) bind: malformed signature records for DNAME...

RHEL 9 : odo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148) Note that...

RHEL 6 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nasm: use-after-free in paste_tokens in asm/preproc.c (CVE-2019-8343) In Netwide Assembler (NASM)...

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. coreutils: memory corruption flaw in parse_datetime() (CVE-2014-9471) coreutils: Non-privileged session...

RHEL 8 : jboss-on (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jackson-databind: use of deeply nested arrays (CVE-2022-42004) jackson-databind 2.10.x through 2.12.x...

RHEL 9 : libbpf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libbpf: heap-based buffer overflow (8 bytes) in __bpf_object__open (CVE-2021-45941) libbpf 0.6.0 and...

RHEL 6 : ntp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ntp: denial of service by trigerring rate limiting on NTP server (CVE-2015-7705) The monlist feature in...

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel:...

RHEL 8 : qs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. express: qs prototype poisoning causes the hang of the node process (CVE-2022-24999) Note that Nessus has not tested...