6423 matches found
AlmaLinux 8 : dbus (ALSA-2023:4498)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4498 advisory. - D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...
AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2023:0208)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0208 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...
AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2023:0210)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0210 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are...
AlmaLinux 8 : java-17-openjdk (ALSA-2022:1445)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1445 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected a...
AlmaLinux 8 : kernel-rt (ALSA-2023:1584)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:1584 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress using...
AlmaLinux 8 : ruby:2.6 (ALSA-2021:2588)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2588 advisory. rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 ruby: NUL injection vulnerability of...
AlmaLinux 8 : kernel (ALSA-2022:0825)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:0825 advisory. - In unixscmtoskb of afunix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with Syste...
AlmaLinux 8 : ruby:2.7 (ALSA-2021:2584)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2584 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted the...
AlmaLinux 8 : firefox (ALSA-2023:4468)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4468 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
AlmaLinux 9 : firefox (ALSA-2023:4462)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4462 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
AlmaLinux 8 : samba (ALSA-2023:4328)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4328 advisory. - A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured server signing = required or f...
AlmaLinux 9 : samba (ALSA-2023:4325)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4325 advisory. - A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured server signing = required or f...
AlmaLinux 9 : libxml2 (ALSA-2023:4349)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4349 advisory. - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in...
AlmaLinux 9 : nodejs:18 (ALSA-2023:4330)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4330 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x509...
AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2023:4418)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4418 advisory. cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE CVE-2023-37464 Tenable has extracted the preceding description...
AlmaLinux 9 : cjose (ALSA-2023:4411)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4411 advisory. - OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption JOSE. The AES GCM decryption routine incorrectly uses the Tag length from...
AlmaLinux 9 : libeconf (ALSA-2023:4347)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4347 advisory. - A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue...
AlmaLinux 9 : postgresql:15 (ALSA-2023:4327)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4327 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining...
AlmaLinux 9 : kpatch-patch (ALSA-2023:4380)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4380 advisory. - A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The...
AlmaLinux 9 : nodejs (ALSA-2023:4331)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4331 advisory. - The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request...