AlmaLinux 8 : edk2:20220126gitbb1bba3d77 (ALSA-2024:11185)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11185 advisory. edk2: Integer overflows in PeCoffLoaderRelocateImage CVE-2024-38796 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 9 : redis:7 (ALSA-2024:10869)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10869 advisory. redis: Redis SORTRO may bypass ACL configuration CVE-2023-41053 redis: possible bypass of Unix socket permissions on startup CVE-2023-45145 redis:...

AlmaLinux 9 : ruby (ALSA-2024:10858)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10858 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 9 : ruby:3.1 (ALSA-2024:10860)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10860 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : postgresql:12 (ALSA-2024:10785)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10785 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

AlmaLinux 9 : postgresql:16 (ALSA-2024:10788)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10788 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

AlmaLinux 9 : thunderbird (ALSA-2024:10592)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:10592 advisory. thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message CVE-2024-11159 firefox: thunderbird: CSP Bypass and XSS Exposure via Web...

AlmaLinux 9 : postgresql (ALSA-2024:10791)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10791 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

AlmaLinux 8 : python3:3.6.8 (ALSA-2024:10779)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10779 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Improper validation of IPv6 and IPvFuture addresses...

AlmaLinux 9 : firefox (ALSA-2024:10702)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10702 advisory. firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on Signatur...

AlmaLinux 8 : firefox (ALSA-2024:10752)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:10752 advisory. firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims CVE-2024-11694 firefox: thunderbird: Unhandled Exception in Add-on Signatur...

AlmaLinux 9 : postgresql:15 (ALSA-2024:10787)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10787 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

AlmaLinux 8 : postgresql:13 (ALSA-2024:10832)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:10832 advisory. postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID CVE-2024-10978 postgresql: PostgreSQL PL/Perl environment variable...

AlmaLinux 8 : thunderbird (ALSA-2024:10591)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:10591 advisory. thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message CVE-2024-11159 firefox: thunderbird: CSP Bypass and XSS Exposure via Web...

AlmaLinux 8 : webkit2gtk3 (ALSA-2024:10481)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10481 advisory. webkitgtk: data isolation bypass vulnerability CVE-2024-44309 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 9 : webkit2gtk3 (ALSA-2024:10472)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10472 advisory. webkitgtk: data isolation bypass vulnerability CVE-2024-44309 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 9 : python-tornado (ALSA-2024:10590)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:10590 advisory. python-tornado: Tornado has HTTP cookie parsing DoS vulnerability CVE-2024-52804 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : kernel (ALSA-2024:9605)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9605 advisory. kernel: net: nexthop: Initialize all fields in dumped nexthops CVE-2024-42283 kernel: iommufd: Require drivers to supply the cacheinvalidateuser ops...

AlmaLinux 9 : firefox (ALSA-2024:9554)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9554 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 firefox: thunderbird: History interface could have been used to cause a...

AlmaLinux 9 : .NET 9.0 (ALSA-2024:9543)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9543 advisory. dotnet: Type confusion vulnerability leads to AV in .NET Core NrbfDecoder component CVE-2024-43498 dotnet: .NET Core - DoS - unbounded work factor in...