PT-2025-1926

Name of the Vulnerable Software and Affected Versions Color imageCLASS MF656Cdw versions v05.04 and earlier Color imageCLASS MF654Cdw versions v05.04 and earlier Color imageCLASS MF653Cdw versions v05.04 and earlier Color imageCLASS MF652Cdw versions v05.04 and earlier Color imageCLASS LBP633Cdw...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Vulnerability (NS-SA-2024-1001)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by a vulnerability: - openssh: A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals i...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Vulnerability (NS-SA-2024-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by a vulnerability: - An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x8664 lacks consistency checks for CR0 and CR4. CVE-2023-30456...

NewStart CGSL CORE 5.04 / MAIN 5.04 : apr-util Vulnerability (NS-SA-2024-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has apr-util packages installed that are affected by a vulnerability: - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds o...

NewStart CGSL CORE 5.04 / MAIN 5.04 : python-requests Multiple Vulnerabilities (NS-SA-2024-0014)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python-requests packages installed that are affected by multiple vulnerabilities: - The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-htt...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rpm Vulnerability (NS-SA-2024-0010)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rpm packages installed that are affected by a vulnerability: - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seeming...

NewStart CGSL CORE 5.04 / MAIN 5.04 : git Multiple Vulnerabilities (NS-SA-2024-0015)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by multiple vulnerabilities: - Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by...

NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Vulnerability (NS-SA-2024-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by a vulnerability: - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via contro...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2024-0014)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt...

NewStart CGSL MAIN 5.04 : expat Vulnerability (NS-SA-2023-0070)

The remote NewStart CGSL host, running version MAIN 5.04, has expat packages installed that are affected by a vulnerability: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has instead relied...

NewStart CGSL MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0057)

The remote NewStart CGSL host, running version MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770...

NewStart CGSL MAIN 5.04 : groff Multiple Vulnerabilities (NS-SA-2023-0067)

The remote NewStart CGSL host, running version MAIN 5.04, has groff packages installed that are affected by multiple vulnerabilities: - contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...

NewStart CGSL MAIN 5.04 : krb5 Multiple Vulnerabilities (NS-SA-2023-0102)

The remote NewStart CGSL host, running version MAIN 5.04, has krb5 packages installed that are affected by multiple vulnerabilities: - The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c via a FAST inne...

NewStart CGSL MAIN 5.04 : docker-ce Vulnerability (NS-SA-2023-0109)

The remote NewStart CGSL host, running version MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up...

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0069)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0101)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public...

NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2023-0029)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bind packages installed that are affected by multiple vulnerabilities: - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Previ...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Vulnerability (NS-SA-2023-0029)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by a vulnerability: - Sudo 1.8.0 through 1.9.12, with the crypt password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0030)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may all...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sos Vulnerability (NS-SA-2023-0002)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sos packages installed that are affected by a vulnerability: - It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el86, ovirt-log-collector-4.4.7-2.el8ev...