6423 matches found
AlmaLinux 8 : firefox (ALSA-2023:4076)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4076 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
AlmaLinux 8 : .NET 7.0 (ALSA-2023:4058)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4058 advisory. - ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Note that Nessus has not tested for this issue but has instead relied only on the...
AlmaLinux 9 : firefox (ALSA-2023:4071)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4071 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
AlmaLinux 8 : thunderbird (ALSA-2023:4063)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4063 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
AlmaLinux 9 : thunderbird (ALSA-2023:4064)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:4064 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefo...
AlmaLinux 9 : .NET 6.0 (ALSA-2023:4060)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4060 advisory. - ASP.NET and Visual Studio Security Feature Bypass Vulnerability CVE-2023-33170 Note that Nessus has not tested for this issue but has instead relied only on the...
AlmaLinux 8 : nodejs:16 (ALSA-2023:4034)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4034 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient randomness in...
AlmaLinux 9 : grafana (ALSA-2023:4030)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:4030 advisory. - Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to...
AlmaLinux 8 : nodejs:18 (ALSA-2023:4035)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4035 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: buffer overflow in configsortlist due to missing string length check CVE-2022-4904...
AlmaLinux 9 : go-toolset and golang (ALSA-2023:3923)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3923 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cg...
AlmaLinux 8 : libssh (ALSA-2023:3839)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3839 advisory. - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial ...
AlmaLinux 8 : systemd (ALSA-2023:3837)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3837 advisory. - systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the systemctl status...
AlmaLinux 8 : sqlite (ALSA-2023:3840)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3840 advisory. - Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. CVE-2020-24736 Note...
AlmaLinux 8 : ruby:2.7 (ALSA-2023:3821)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3821 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time CVE-2023-287...
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2023:3922)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3922 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary code ...
AlmaLinux 8 : python39:3.9 and python39-devel:3.9 (ALSA-2023:3811)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3811 advisory. python: urllib.parse url blocklisting bypass CVE-2023-24329 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. No...
AlmaLinux 8 : libtiff (ALSA-2023:3827)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3827 advisory. - processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., WRITE of size 307203 via a crafted TIFF image...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2023:3822)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3822 advisory. libvirt: Memory leak in virPCIVirtualFunctionList cleanup CVE-2023-2700 Tenable has extracted the preceding description block directly from the AlmaLinux security...
AlmaLinux 9 : libtiff (ALSA-2023:3711)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3711 advisory. - processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow e.g., WRITE of size 307203 via a crafted TIFF image...
AlmaLinux 9 : openssl (ALSA-2023:3722)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3722 advisory. - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include...