HPE Superdome Flex Servers; HPE Superdome Flex 280 Servers Security Vulnerabilities
RHEL 7 : libxtst (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXtst: Insufficient validation of server responses result in Integer overflows (CVE-2016-7951) X.org...
8.9AI Score
RHEL 5 : httpd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. httpd: mod_ssl NULL pointer dereference (CVE-2017-3169) httpd: Weak Digest auth nonce generation in...
8.6AI Score
RHEL 5 : gtk-vnc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gtk-vnc: Integer overflow when processing SetColorMapEntries (CVE-2017-5885) gtk-vnc 0.4.2 and older...
9.6AI Score
RHEL 7 : webkitgtk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution ...
10AI Score
RHEL 7 : python (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177) python: XML...
8.9AI Score
SUSE SLED12 / SLES12 Security Update : freerdp (SUSE-SU-2024:1609-1)
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1609-1 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version...
7.8AI Score
RHEL 7 : libx11 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libX11: Insufficient validation of server responses in FontNames (CVE-2016-7943) The XGetImage function...
10AI Score
RHEL 6 : freerdp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. freerdp: Out-of-bounds write in nsc_rle_decode() function (CVE-2018-8788) freerdp: Integer Overflow...
8.8AI Score
RHEL 7 : libxrandr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrandr: Insufficient validation of server responses result in various data mishandlings...
7.7AI Score
RHEL 6 : flex (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. flex: Recursive calls in the function mark_beginning_as_normal resulting in a denial of service (CVE-2019-6293) ...
7.4AI Score
RHEL 6 : netkit-rsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. netkit-rsh: possible overwrite of arbitrary files by a malicious rsh server (CVE-2019-7283) In NetKit...
7.3AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2024:1610-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1610-1 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using...
7.2AI Score
RHEL 6 : gtk-vnc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gtk-vnc: Integer overflow when processing SetColorMapEntries (CVE-2017-5885) gtk-vnc 0.4.2 and older...
9.6AI Score
RHEL 6 : openjdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. OpenJDK: insufficient loader constraints checks for invokespecial (Hotspot, 8180711) (CVE-2017-10346) ...
9.4AI Score
RHEL 5 : mutt (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mutt: buffer overflow via base64 data (CVE-2018-14359) An issue was discovered in Mutt before 1.10.1 and...
7.8AI Score
RHEL 6 : openssl (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssl: the c_rehash script allows command injection (CVE-2022-2068) Integer overflow in the...
9.2AI Score
RHEL 6 : libx11 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libX11: missing request length checks (CVE-2021-31535) The XGetImage function in X.org libX11 before...
10AI Score
RHEL 5 : php (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. php: buffer overflow in handling of long link names in tar phar archives (CVE-2016-2554) php:...
10AI Score
RHEL 7 : libxrender (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libXrender: Insufficient validation of server responses results out-of-bounds write in...
10AI Score
RHEL 7 : gtk-vnc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. gtk-vnc: Integer overflow when processing SetColorMapEntries (CVE-2017-5885) gtk-vnc before 0.7.0 does...
9.5AI Score
RHEL 6 : oracle_jdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security) (CVE-2018-2783) ...
6.6AI Score
RHEL 7 : fetchmail (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. fetchmail: STARTTLS session encryption bypassing (CVE-2021-39272) report_vbuild in report.c in Fetchmail...
7.9AI Score
RHEL 5 : libx11 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) The XGetImage function in...
8.5AI Score
RHEL 6 : nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) An existing mitigation of...
5.9AI Score
RHEL 7 : c-ares (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. c-ares: Single byte out of buffer write (CVE-2016-5180) The c-ares function ares_parse_naptr_reply(),...
6.7AI Score
RHEL 6 : mozilla (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...
9.7AI Score
RHEL 6 : dnsmasq (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dnsmasq: fixed outgoing port used when --server is used with an interface name (CVE-2021-3448) A...
5.4AI Score
RHEL 7 : openjdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496) OpenJDK: integer truncation issue...
7.5AI Score
RHEL 6 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. openssh: loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009) openssh: scp allows command...
8.4AI Score
RHEL 7 : netkit-rsh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. netkit-rsh: possible overwrite of arbitrary files by a malicious rsh server (CVE-2019-7283) In NetKit...
6.7AI Score
RHEL 7 : irssi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. irssi: heap buffer overflow due to calculation error in the completion code (CVE-2018-5208) The buf.pl...
8.2AI Score
RHEL 6 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...
8.7AI Score
RHEL 7 : jetty (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. jetty: Timing channel attack in util/security/Password.java (CVE-2017-9735) jetty: crafted URIs allow...
7.5AI Score
RHEL 5 : flex (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. flex: Recursive calls in the function mark_beginning_as_normal resulting in a denial of service (CVE-2019-6293) ...
5.6AI Score
RHEL 6 : irssi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. irssi: heap buffer overflow due to calculation error in the completion code (CVE-2018-5208) The buf.pl...
8.1AI Score
RHEL 7 : flex (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. flex: buffer overflow in generated code (yy_get_next_buffer) (CVE-2016-6354) Note that Nessus has not tested for...
9.8AI Score
RHEL 6 : perl-dbd-mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-DBD-MySQL: Use-after-free when calling mysql_stmt_error() after mysql_stmt_close() (CVE-2017-10788) ...
7.7AI Score
RHEL 5 : perl-dbd-mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. perl-DBD-MySQL: Use-after-free when calling mysql_stmt_error() after mysql_stmt_close() (CVE-2017-10788) ...
8.1AI Score
RHEL 6 : fetchmail (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. fetchmail: STARTTLS session encryption bypassing (CVE-2021-39272) report_vbuild in report.c in Fetchmail...
7.9AI Score
RHEL 6 : python-requests (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) ...
7.5AI Score
RHEL 7 : libvncserver (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvncserver: Multiple heap out-of-bound writes in VNC client code (Incomplete fix for CVE-2018-20019) ...
9.8AI Score
RHEL 5 : squid (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code ...
9.6AI Score
RHEL 6 : mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. mysql: unspecified vulnerability in subcomponent: Server: Parser (CPU July 2016) (CVE-2016-3477) mysql:...
9.5AI Score
RHEL 7 : subversion (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. subversion: svnserve/sasl may authenticate users using the wrong realm (CVE-2016-2167) The...
7.2AI Score
RHEL 7 : golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. golang: arbitrary command execution via VCS path (CVE-2018-7187) golang: Command-line arguments may...
10AI Score
RHEL 8 : kernel (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048) Kernel:...
7AI Score
Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
Co-authored by Rapid7 analysts Tyler McGraw, Thomas Elkins, and Evan McCann Executive Summary Rapid7 has identified an ongoing social engineering campaign that has been targeting multiple managed detection and response (MDR) customers. The incident involves a threat actor overwhelming a user's...
7.8AI Score
Important: tigervnc security update
Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients....
7.4AI Score
0.0005EPSS
An update is available for tigervnc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Virtual Network Computing (VNC) is a remote display system which allows...
7.4AI Score
0.0005EPSS
An update is available for mod_http2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on...
7.2AI Score
0.0004EPSS