AlmaLinux 8 : binutils (ALSA-2021:4364)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows use...

AlmaLinux 8 : p11-kit (ALSA-2021:1609)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1609 advisory. - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit libra...

AlmaLinux 8 : mailman:2.1 (ALSA-2021:4916)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4916 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : gnupg2 (ALSA-2020:4490)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4490 advisory. - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery CSRF vulnerability in dirmngr that can result in Attacker controlled CSRF, Informatio...

AlmaLinux 8 : liblouis (ALSA-2020:1708)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1708 advisory. - Liblouis 3.5.0 has a Segmentation fault in loulogPrint in logging.c. CVE-2018-11577 - Liblouis 3.5.0 has a stack-based Buffer Overflow in the function...

AlmaLinux 8 : libjpeg-turbo (ALSA-2019:3705)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2019:3705 advisory. - get8bitrow in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service heap-based buffer over-read and...

AlmaLinux 8 : freetype (ALSA-2020:4952)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4952 advisory. - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

AlmaLinux 8 : libvorbis (ALSA-2019:3703)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3703 advisory. - mapping0forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of...

AlmaLinux 8 : freerdp and vinagre (ALSA-2020:4647)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4647 advisory. - In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound read...

AlmaLinux 8 : linux-firmware (ALSA-2020:5479)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:5479 advisory. - Improper buffer restriction in some IntelR Wireless BluetoothR products before version 21.110 may allow an unauthenticated user to potentially enable escalation ...

AlmaLinux 8 : kernel (ALSA-2021:4647)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4647 advisory. - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueueadd function in lib/timerqueue.c. Thi...

AlmaLinux 8 : java-1.8.0-openjdk (ALSA-2021:3893)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:3893 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java...

AlmaLinux 8 : zsh (ALSA-2020:0903)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:0903 advisory. - In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the...

AlmaLinux 8 : vim (ALSA-2021:4517)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4517 advisory. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778 - vim is vulnerable to Use After Free CVE-2021-3796 Note that Nessus has not tested for th...

AlmaLinux 8 : mariadb:10.3 (ALSA-2019:3708)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3708 advisory. mysql: InnoDB unspecified vulnerability CPU Jan 2019 CVE-2019-2510 mysql: Server: DDL unspecified vulnerability CPU Jan 2019 CVE-2019-2537 mysql: Server:...

AlmaLinux 8 : bind (ALSA-2021:4384)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4384 advisory. - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition,...

AlmaLinux 8 : libvpx (ALSA-2020:4629)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4629 advisory. - In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code...

AlmaLinux 8 : kernel (ALSA-2021:4356)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4356 advisory. - Insufficient control flow in certain data structures for some IntelR Processors with IntelR Processor Graphics may allow an unauthenticated user to...

AlmaLinux 8 : expat (ALSA-2020:4484)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4484 advisory. - In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount o...

AlmaLinux 8 : dhcp (ALSA-2021:2359)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:2359 advisory. - In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x...