6423 matches found
AlmaLinux 9 : .NET 6.0 (ALSA-2023:4644)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4644 advisory. - .NET and Visual Studio Remote Code Execution Vulnerability CVE-2023-35390 - .NET and Visual Studio Denial of Service Vulnerability CVE-2023-38180 Note...
AlmaLinux 8 : kernel (ALSA-2023:4517)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4517 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow...
AlmaLinux 8 : kernel-rt (ALSA-2023:4541)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4541 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow...
AlmaLinux 8 : iperf3 (ALSA-2023:4570)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4570 advisory. - iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. CVE-2023-38403 Note that Nessus has not tested for...
AlmaLinux 8 : postgresql:10 (ALSA-2023:4539)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4539 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining...
AlmaLinux 8 : libcap (ALSA-2023:4524)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4524 advisory. - A vulnerability was found in the pthreadcreate function in libcap. This issue may allow a malicious actor to use cause realpthreadcreate to return an...
AlmaLinux 8 : nodejs:18 (ALSA-2023:4536)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4536 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x509...
AlmaLinux 9 : iperf3 (ALSA-2023:4571)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4571 advisory. - iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. CVE-2023-38403 Note that Nessus has not tested for...
AlmaLinux 8 : python-requests (ALSA-2023:4520)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4520 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...
AlmaLinux 8 : libxml2 (ALSA-2023:4529)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4529 advisory. - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in...
AlmaLinux 8 : kpatch-patch (ALSA-2023:4531)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4531 advisory. - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow...
AlmaLinux 8 : postgresql:12 (ALSA-2023:4535)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4535 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining...
AlmaLinux 8 : postgresql:13 (ALSA-2023:4527)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4527 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining...
AlmaLinux 9 : dbus (ALSA-2023:4569)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4569 advisory. - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...
AlmaLinux 8 : curl (ALSA-2023:4523)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4523 advisory. - An authentication bypass vulnerability exists libcurl 8.0.0 in the connection reuse feature which can reuse previously established connections with...
AlmaLinux 8 : nodejs:16 (ALSA-2023:4537)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4537 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x509...
AlmaLinux 9 : thunderbird (ALSA-2023:4499)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4499 advisory. - Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file,...
AlmaLinux 8 : thunderbird (ALSA-2023:4497)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4497 advisory. - Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file,...
Moderate: nodejs:18 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs 18.16.1. BZ2223630, BZ2223631, BZ2223632, BZ2223633, BZ2223635, BZ2223642 Security Fixes: nodejs...
ALSA-2023:4536 Moderate: nodejs:18 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs 18.16.1. BZ2223630, BZ2223631, BZ2223632, BZ2223633, BZ2223635, BZ2223642 Security Fixes: nodejs...