113 matches found
MiracleLinux 8 : container-tools:rhel8 (AXSA:2022-4470:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4470:01 advisory. podman: possible information disclosure and modification CVE-2022-2989 buildah: possible information disclosure and modification CVE-2022-2990 Tenab...
MiracleLinux 9 : container-tools, python-podman-4.2.0-1.el9, toolbox-0.0.99.3-5.el9 (AXSA:2023-5056:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5056:01 advisory. golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension CVE-2020-28851 golang.org/x/text: Panic in...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002990 advisory. The rngapireset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service NULL pointer dereference. Tenable has extracted...
Amazon Linux 2 : ruby, --advisory ALAS2-2025-2990 (ALAS-2025-2990)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2990 advisory. An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter...
Security update for ffmpeg
This update for ffmpeg fixes the following issues: CVE-2025-7700: Fixed NULL Pointer Dereference in FFmpeg ALS Decoder libavcodec/alsdec.c bsc1246790. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
TencentOS Server 3: buildah (TSSA-2022:0263)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0263 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2012-2990
The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.120741313, does not properly implement unspecified methods, which allows remote attackers to download an arbitrary program onto a client machine, and...
CVE-2019-2990
Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Order Tracker. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...
CVE-2025-2990
creationtimestamp| type| source ---|---|--- 2025-03-31 10:30:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9626 2025-03-31 13:20:15+00:00| seen| https://t.me/cvedetector/21569...
Linux Distros Unpatched Vulnerability : CVE-2022-2990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modificati...
CVE-2022-2990 affecting package buildah 1.18.0-8
CVE-2022-2990 affecting package buildah 1.18.0-8. This CVE either no longer is or was never applicable...
CBL Mariner 2.0 Security Update: buildah (CVE-2022-2990)
The version of buildah installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2990 advisory. - An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitiv...
RHEL 8 : buildah (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - buildah: possible information disclosure and modification CVE-2022-2990 Note that Nessus has not tested for this...
RHEL 7 : buildah (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - buildah: possible information disclosure and modification CVE-2022-2990 Note that Nessus has not tested for this...
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-24
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-24. A patched version of the package is available...
CVE-2024-2990
CVE-2024-2990 affects Tenda FH1203 2.0.1.6 . The vulnerability is in the function formexeCommand of the file /goform/execCommand where manipulation of the argument cmdinput causes a stack-based buffer overflow . It can be exploited remotely, and the exploit has been disclosed publicly. The connec...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7822)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7822 advisory. - An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data...
SUSE: Security Advisory (SUSE-SU-2023:4099-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:4099-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2022-2990: Fixed a flaw which might allow sensitive information disclosure or possible data modification. bsc1202812 - buildah is also rebuilt against go1.21...
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-17
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-17. A patched version of the package is available...