AlmaLinux 9 : containernetworking-plugins (ALSA-2024:11216)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:11216 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 9 : libsndfile:1.0.31 (ALSA-2024:11237)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11237 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : skopeo (ALSA-2024:11217)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11217 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 9 : mpg123:1.32.9 (ALSA-2024:11242)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11242 advisory. mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : python3.11-urllib3 (ALSA-2024:11238)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:11238 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 Tenable has extracted the preceding description blo...

AlmaLinux 9 : unbound:1.16.2 (ALSA-2024:11232)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11232 advisory. unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 8 : kernel (ALSA-2024:10943)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10943 advisory. kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktleninit wit...

AlmaLinux 8 : python36:3.6 (ALSA-2024:10953)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10953 advisory. virtualenv: potential command injection via virtual environment activation scripts CVE-2024-53899 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : kernel-rt (ALSA-2024:10944)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10944 advisory. kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktleninit wit...

AlmaLinux 8 : php:7.4 (ALSA-2024:10952)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10952 advisory. php: 1-byte array overrun in common path resolve code CVE-2023-0568 php: Passwordverify always return true with some hash CVE-2023-0567 php: Missing erro...

AlmaLinux 8 : php:8.2 (ALSA-2024:10951)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10951 advisory. php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk...

AlmaLinux 8 : libsndfile (ALSA-2024:11192)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11192 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : gstreamer1-plugins-base (ALSA-2024:11345)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:11345 advisory. gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket CVE-2024-47538 gstreamer1-plugins-base: out-of-bounds...

AlmaLinux 8 : edk2:20220126gitbb1bba3d77 (ALSA-2024:11185)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11185 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : tuned (ALSA-2024:11161)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11161 advisory. tuned: improper sanitization of instancename parameter of the instancecreate method CVE-2024-52337 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : mpg123 (ALSA-2024:11193)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11193 advisory. mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : gstreamer1-plugins-good (ALSA-2024:11299)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:11299 advisory. gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer CVE-2024-47540 gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c...

AlmaLinux 8 : python3.11-urllib3 (ALSA-2024:11189)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:11189 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 Tenable has extracted the preceding description blo...

AlmaLinux 8 : bluez (ALSA-2024:11154)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11154 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 Tenable has extracted the preceding...

AlmaLinux 8 : python3.11 (ALSA-2024:10979)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10979 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...