MiracleLinux 9 : tigervnc-1.14.1-1.el9_5 (AXSA:2024-9413:17)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9413:17 advisory. xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 Tenable has extracted the preceding description block...

MiracleLinux 9 : python3.9-3.9.18-3.el9_4.1 (AXSA:2024-8484:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8484:03 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 9 : dnsmasq-2.85-14.el9_3.1 (AXSA:2024-7618:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7618:01 advisory. dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can...

MiracleLinux 8 : webkit2gtk3-2.40.5-1.el8_9.1.ML.1 (AXSA:2024-7387:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7387:01 advisory. webkitgtk: Arbitrary Remote Code Execution CVE-2023-42917 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : ruby:3.1 (AXSA:2024-9453:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9453:01 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.422.b05-1.0.1.el7.AXS7 (AXSA:2024-8735:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8735:15 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 8 : postgresql:15 (AXSA:2024-7391:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7391:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

MiracleLinux 8 : firefox-128.2.0-1.el8_10.ML.1 (AXSA:2024-8869:31)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8869:31 advisory. firefox: 115.15/128.2 ESR mozilla: Type confusion when looking up a property name in a with block CVE-2024-8381 mozilla: Internal event interfaces...

MiracleLinux 7 : tigervnc-1.8.0-33.0.1.el7.AXS7 (AXSA:2024-7733:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7733:08 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...

MiracleLinux 9 : tigervnc-1.13.1-3.el9_3.6.ML.1 (AXSA:2024-7495:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7495:05 advisory. xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer CVE-2023-6816 xorg-x11-server: reattaching to different master devi...

MiracleLinux 9 : osbuild-composer-101-2.el9_4.ML.1 (AXSA:2024-8870:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8870:04 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

MiracleLinux 9 : bubblewrap-0.4.1-8.el9, flatpak-1.12.9-3.el9 (AXSA:2024-9109:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9109:02 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly...

MiracleLinux 9 : skopeo-1.16.1-1.el9 (AXSA:2024-9102:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9102:06 advisory. containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite loop CVE-2024-24788...

MiracleLinux 8 : firefox-115.5.0-1.el8_9.ML.1 (AXSA:2024-7349:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7349:01 advisory. Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in MessagePort::Entangled CVE-2023-6205 Mozilla:...

MiracleLinux 9 : NetworkManager-libreswan-1.2.22-4.el9_5 (AXSA:2024-9430:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9430:08 advisory. NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : squashfs-tools-4.3-21.el8 (AXSA:2024-8222:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8222:02 advisory. squashfs-tools: unvalidated filepaths allow writing outside of destination CVE-2021-40153 squashfs-tools: possible Directory Traversal via symbolic...

MiracleLinux 9 : thunderbird-128.4.0-1.el9_5.ML.2 (AXSA:2024-9408:29)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9408:29 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 firefox: thunderbird: History interface could have been used to...

MiracleLinux 9 : nss-3.90.0-4.el9_3 (AXSA:2024-7386:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7386:01 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 8 : pam-1.3.1-36.el8_10 (AXSA:2024-9040:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9040:04 advisory. pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 pam: Improper Hostname Interpretation in pamaccess Leads to Access Control...