AlmaLinux 9 : .NET 7.0 (ALSA-2024:0151)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0151 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

AlmaLinux 8 : .NET 8.0 (ALSA-2024:0150)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0150 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

AlmaLinux 8 : pixman (ALSA-2024:0131)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0131 advisory. - In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterizeedges8 due to an integer overflow in...

AlmaLinux 8 : .NET 6.0 (ALSA-2024:0158)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0158 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

AlmaLinux 9 : .NET 8.0 (ALSA-2024:0152)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0152 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and Visu...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:0135)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0135 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : nss (ALSA-2024:0105)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0105 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. T...

AlmaLinux 8 : idm:DL1 (ALSA-2024:0143)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0143 advisory. Kerberos: delegation constrain bypass in S4U2Proxy CVE-2020-17049 ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding descripti...

ALSA-2024:0143 Moderate: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: Kerberos: delegation constrain bypass in S4U2Proxy CVE-2020-17049 ipa: Invalid CSRF protection...

ALSA-2024:0113 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use after free in unixstreamsendpage CVE-2023-4622 kernel: vmwgfx: reference count issue leads to use-after-free in surface handling CVE-2023-5633 kernel: netfilter: potential...

ALSA-2024:0141 Moderate: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: ipa: Invalid CSRF protection CVE-2023-5455 For more details about the security issues, including the...

Moderate: ipa security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: ipa: Invalid CSRF protection CVE-2023-5455 For more details about the security issues, including the...

Moderate: idm:DL1 security update

AlmaLinux Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: Kerberos: delegation constrain bypass in S4U2Proxy CVE-2020-17049 ipa: Invalid CSRF protection...

AlmaLinux 9 : squid (ALSA-2024:0071)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0071 advisory. - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4...

AlmaLinux 8 : thunderbird (ALSA-2024:0003)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0003 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...

AlmaLinux 8 : squid:4 (ALSA-2024:0046)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0046 advisory. squid: Denial of Service in SSL Certificate validation CVE-2023-46724 squid: NULL pointer dereference in the gopher protocol code CVE-2023-46728 squid:...

AlmaLinux 9 : thunderbird (ALSA-2024:0001)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0001 advisory. - The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present, Thunderbird did not...

AlmaLinux 8 : tigervnc (ALSA-2024:0018)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0018 advisory. - A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory...

AlmaLinux 9 : tigervnc (ALSA-2024:0010)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0010 advisory. - A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stor...

AlmaLinux 9 : firefox (ALSA-2024:0025)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0025 advisory. - The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an...