6423 matches found
AlmaLinux 8 : cairo and pixman (ALSA-2022:1961)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1961 advisory. - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...
AlmaLinux 8 : mod_auth_mellon (ALSA-2022:1934)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1934 advisory. - A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by...
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2022:1819)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1819 advisory. golang: Command-line arguments may overwrite global data CVE-2021-38297 golang: archive/zip: malformed archive may cause panic or memory exhaustion...
AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2022:1823)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1823 advisory. modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786 modauthopenidc: hardcoded static IV and AAD with a reused key in AES GCM encryptio...
AlmaLinux 8 : pki-core:10.6 (ALSA-2022:1851)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1851 advisory. JSS: memory leak in TLS connection leads to OOM CVE-2021-4213 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...
AlmaLinux 8 : libreoffice (ALSA-2022:1766)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1766 advisory. - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred...
AlmaLinux 8 : samba (ALSA-2022:2074)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2074 advisory. - All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area ...
AlmaLinux 8 : python3 (ALSA-2022:1986)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1986 advisory. - A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP...
AlmaLinux 8 : cockpit (ALSA-2022:2008)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:2008 advisory. - Cockpit and its plugins do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website,...
AlmaLinux 8 : maven:3.6 (ALSA-2022:1860)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1860 advisory. apache-httpclient: incorrect handling of malformed authority component in request URIs CVE-2020-13956 Tenable has extracted the preceding description block directl...
AlmaLinux 8 : squid:4 (ALSA-2022:1939)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1939 advisory. squid: out-of-bounds read in WCCP protocol data may lead to information disclosure CVE-2021-28116 Tenable has extracted the preceding description block directly fr...
AlmaLinux 8 : fapolicyd (ALSA-2022:1898)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1898 advisory. - A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may...
AlmaLinux 8 : bind (ALSA-2022:2092)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2092 advisory. - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release...
AlmaLinux 8 : webkit2gtk3 (ALSA-2022:1777)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1777 advisory. - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15...
AlmaLinux 8 : udisks2 (ALSA-2022:1820)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1820 advisory. - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this...
AlmaLinux 8 : firefox (ALSA-2022:1705)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:1705 advisory. - Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99 and...
AlmaLinux 8 : python27:2.7 (ALSA-2022:1821)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1821 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python: ftplib should not use the host from the PASV response CVE-2021-41...
AlmaLinux 8 : libpq (ALSA-2022:1891)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:1891 advisory. - A man-in-the-middle attacker can inject false responses to the client's first few queries, despite the use of SSL certificate verification and encryption...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2022:1759)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1759 advisory. QEMU: virtio-net: heap use-after-free in virtionetreceivercu CVE-2021-3748 ntfs-3g: Out-of-bounds heap buffer access in ntfsgetattributevalue due to...
AlmaLinux 8 : container-tools:3.0 (ALSA-2022:2143)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2143 advisory. psgo: Privilege escalation in 'podman top' CVE-2022-1227 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...