AlmaLinux 8 : polkit (ALSA-2021:2238)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:2238 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C Tenable Network...

AlmaLinux 8 : yum (ALSA-2019:3583)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2019:3583 advisory. - DISPUTED There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third...

AlmaLinux 8 : libdb (ALSA-2021:1675)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1675 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32...

AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2021:2583)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:2583 advisory. PyYAML: incomplete fix for CVE-2020-1747 CVE-2020-14343 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

AlmaLinux 8 : lua (ALSA-2019:3706)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2019:3706 advisory. - Lua 5.3.5 has a use-after-free in luaupvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a...

AlmaLinux 8 : gcc-toolset-10-binutils (ALSA-2021:4649)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4649 advisory. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...

AlmaLinux 8 : mingw-glib2 (ALSA-2021:4526)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4526 advisory. - An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit...

AlmaLinux 8 : NetworkManager (ALSA-2021:4361)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4361 advisory. - An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be...

AlmaLinux 8 : pacemaker (ALSA-2020:5487)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5487 advisory. - An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various...

AlmaLinux 8 : python-lxml (ALSA-2021:4158)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4158 advisory. - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class...

AlmaLinux 8 : nghttp2 (ALSA-2020:2755)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:2755 advisory. - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious clien...

AlmaLinux 8 : sane-backends (ALSA-2021:1744)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1744 advisory. - A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cau...

AlmaLinux 8 : libsolv (ALSA-2020:4508)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4508 advisory. - repodataschema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input...

AlmaLinux 8 : cyrus-sasl (ALSA-2020:4497)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4497 advisory. - cyrus-sasl aka Cyrus SASL 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of- service in OpenLDAP via a malformed LDAP packet. The...

AlmaLinux 8 : libreoffice (ALSA-2020:4628)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4628 advisory. - LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...

AlmaLinux 8 : libxml2 (ALSA-2021:2569)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2569 advisory. - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger...

AlmaLinux 8 : irssi (ALSA-2020:1616)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:1616 advisory. - Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. CVE-2019-13045...

AlmaLinux 8 : .NET 5.0 (ALSA-2021:3819)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3819 advisory. - .NET Core and Visual Studio Information Disclosure Vulnerability CVE-2021-41355 Note that Nessus has not tested for this issue but has instead relied only on the...

AlmaLinux 8 : rpm (ALSA-2021:4489)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4489 advisory. - A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat...

AlmaLinux 8 : openjpeg2 (ALSA-2021:4251)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4251 advisory. - In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this...