AlmaLinux 8 : libssh (ALSA-2021:4387)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4387 advisory. - libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL. CVE-2020-16135 Note that Nessus has not tested for this issue but has...

AlmaLinux 8 : mutt (ALSA-2021:4181)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4181 advisory. - Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid...

AlmaLinux 8 : libX11 (ALSA-2021:4326)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4326 advisory. - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended f...

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2021:0711)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:0711 advisory. QEMU: virtiofsd: potential privileged host device access from guest CVE-2020-35517 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 8 : .NET 5.0 (ALSA-2021:3819)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3819 advisory. - .NET Core and Visual Studio Information Disclosure Vulnerability CVE-2021-41355 Note that Nessus has not tested for this issue but has instead relied only on the...

AlmaLinux 8 : autotrace (ALSA-2021:4519)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4519 advisory. - A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed...

AlmaLinux 8 : freerdp (ALSA-2021:4622)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4622 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. All FreeRDP clients prior to version 2.4.1 using...

AlmaLinux 8 : ibus and glib2 (ALSA-2020:1880)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:1880 advisory. - A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to...

AlmaLinux 8 : gssdp and gupnp (ALSA-2021:1789)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1789 advisory. - The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different...

AlmaLinux 8 : kernel (ALSA-2021:2570)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2570 advisory. - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database aka dbx protection mechanism. This affects...

AlmaLinux 8 : polkit (ALSA-2021:2238)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:2238 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C Tenable Network...

AlmaLinux 8 : kernel (ALSA-2021:2714)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2714 advisory. - net/bluetooth/hcirequest.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. CVE-2021-32399 - fs/seqfile.c in t...

AlmaLinux 8 : yum (ALSA-2019:3583)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2019:3583 advisory. - DISPUTED There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third...

AlmaLinux 8 : libvncserver (ALSA-2020:3385)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:3385 advisory. - It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by...

AlmaLinux 8 : flatpak (ALSA-2021:4042)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4042 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps with...

AlmaLinux 8 : python-lxml (ALSA-2021:4158)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4158 advisory. - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class...

AlmaLinux 8 : spice (ALSA-2021:1924)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1924 advisory. - A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service CPU consumption by...

AlmaLinux 8 : curl (ALSA-2021:4059)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4059 advisory. - A user can tell curl = 7.20.0 and = 7.20.0 and = 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, t...

AlmaLinux 8 : shim (ALSA-2021:1734)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1734 advisory. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw...

AlmaLinux 8 : tcpdump (ALSA-2021:4236)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4236 advisory. - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037 Note that Nessus has not tested for this issue but has...