AlmaLinux 8 : firefox (ALSA-2024:0012)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:0012 advisory. - The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an...

AlmaLinux 9 : opensc (ALSA-2023:7879)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7879 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...

AlmaLinux 8 : postgresql:15 (ALSA-2023:7884)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7884 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

AlmaLinux 8 : openssl (ALSA-2023:7877)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7877 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex ...

AlmaLinux 8 : opensc (ALSA-2023:7876)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7876 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...

AlmaLinux 9 : fence-agents (ALSA-2023:7753)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7753 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts...

AlmaLinux 9 : podman (ALSA-2023:7765)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7765 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA...

AlmaLinux 9 : postgresql:15 (ALSA-2023:7785)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7785 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

AlmaLinux 8 : tracker-miners (ALSA-2023:7732)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:7732 advisory. - A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the...

AlmaLinux 9 : kpatch-patch (ALSA-2023:7734)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7734 advisory. - An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequat...

AlmaLinux 8 : webkit2gtk3 (ALSA-2023:7716)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:7716 advisory. - A memory corruption vulnerability was addressed with improved locking. CVE-2023-42917 Note that Nessus has not tested for this issue but has instead relied only ...

AlmaLinux 8 : avahi (ALSA-2023:7836)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7836 advisory. - A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not...

AlmaLinux 9 : gstreamer1-plugins-bad-free (ALSA-2023:7791)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7791 advisory. - Fixes for GStreamer-SA-2023-0010 ZDI-CAN-22299 and GStreamer-SA-2023-0009 ZDI-CAN-22226 CVE-2023-44429 CVE-2023-44429 - MXF demuxer use-after-free...

AlmaLinux 9 : skopeo (ALSA-2023:7762)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7762 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA...

AlmaLinux 8 : postgresql:12 (ALSA-2023:7714)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7714 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls CVE-2023-58...

AlmaLinux 9 : buildah (ALSA-2023:7764)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7764 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA...

AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2023:7841)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:7841 advisory. - MXF demuxer use-after-free vulnerability fedora-all CVE-2023-44446 Note that Nessus has not tested for this issue but has instead relied only on the application'...

AlmaLinux 9 : libxml2 (ALSA-2023:7747)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:7747 advisory. - Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows...

AlmaLinux 9 : postgresql (ALSA-2023:7784)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7784 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting...

AlmaLinux 9 : runc (ALSA-2023:7763)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7763 advisory. - Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA...