6423 matches found
Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation CVE-2023-32233 For more...
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2023:3319)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3319 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 Tenable has extracted the preceding description block directly from the AlmaLinux...
AlmaLinux 9 : go-toolset and golang (ALSA-2023:3318)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3318 advisory. - Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set \t...
AlmaLinux 8 : git (ALSA-2023:3246)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3246 advisory. - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7,...
AlmaLinux 9 : git (ALSA-2023:3245)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3245 advisory. - Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7,...
AlmaLinux 8 : ctags (ALSA-2023:2863)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2863 advisory. - A flaw was found in Exuberant Ctags in the way it handles the -o option. This option specifies the tag filename. A crafted tag filename specified in the command...
AlmaLinux 8 : samba (ALSA-2023:2987)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2987 advisory. - In Samba, GnuTLS gnutlsrnd can fail and give predictable random values. CVE-2022-1615 Note that Nessus has not tested for this issue but has instead relied only ...
AlmaLinux 8 : grafana (ALSA-2023:2784)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2784 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing i...
AlmaLinux 8 : xorg-x11-server (ALSA-2023:2806)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2806 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of the file xkb/xkb.c...
AlmaLinux 8 : autotrace (ALSA-2023:3067)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3067 advisory. - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. CVE-2022-32323 Note that Nessus has not tested for thi...
AlmaLinux 8 : python-mako (ALSA-2023:2893)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2893 advisory. - Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and...
AlmaLinux 8 : dhcp (ALSA-2023:3000)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3000 advisory. - In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is called from addoption, it increases the...
AlmaLinux 8 : wayland (ALSA-2023:2786)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2786 advisory. - An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int...
AlmaLinux 8 : frr (ALSA-2023:2801)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2801 advisory. - An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse ...
AlmaLinux 8 : webkit2gtk3 (ALSA-2023:2834)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2834 advisory. - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing...
AlmaLinux 8 : poppler (ALSA-2023:2810)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2810 advisory. - Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIGStream.cc. Processing a specially...
AlmaLinux 8 : sysstat (ALSA-2023:2800)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2800 advisory. - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,...
AlmaLinux 8 : xorg-x11-server-Xwayland (ALSA-2023:2805)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2805 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of the file xkb/xkb.c...
AlmaLinux 8 : freeradius:3.0 (ALSA-2023:2870)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2870 advisory. freeradius: Information leakage in EAP-PWD CVE-2022-41859 freeradius: Crash on unknown option in EAP-SIM CVE-2022-41860 freeradius: Crash on invalid abina...
AlmaLinux 8 : libtar (ALSA-2023:2898)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:2898 advisory. - An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink,...