AlmaLinux 8 : prometheus-jmx-exporter (ALSA-2020:4807)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4807 advisory. - The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that Nessus has not...

AlmaLinux 8 : trousers (ALSA-2021:1627)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1627 advisory. - An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the...

AlmaLinux 8 : libmspack (ALSA-2020:1686)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:1686 advisory. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmdreadheaders in libmspackfile...

AlmaLinux 8 : gcc (ALSA-2021:4386)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4386 advisory. - The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability for Create an...

AlmaLinux 8 : opensc (ALSA-2021:1600)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1600 advisory. - The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. CVE-2020-26570 - The gemsafe...

AlmaLinux 8 : spice-vdagent (ALSA-2021:1791)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1791 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest...

AlmaLinux 8 : kernel (ALSA-2021:1578)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1578 advisory. - A memory leak in the sofsetgetlargectrldata function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of...

AlmaLinux 8 : grafana (ALSA-2020:4682)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4682 advisory. - Grafana 5.3.1 has XSS via a column style on the Dashboard Table Panel screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

AlmaLinux 8 : kernel (ALSA-2021:3447)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:3447 advisory. - arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption vi...

AlmaLinux 8 : compat-exiv2-026 (ALSA-2021:4319)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4319 advisory. - An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service DOS v...

AlmaLinux 8 : libsepol (ALSA-2021:4513)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4513 advisory. - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 ...

AlmaLinux 8 : sqlite (ALSA-2021:4396)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4396 advisory. - Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a...

AlmaLinux 8 : virt:rhel (ALSA-2020:4059)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4059 advisory. QEMU: usb: out-of-bounds r/w access issue while processing usb packets CVE-2020-14364 QEMU: slirp: networking out-of-bounds read information disclosure...

AlmaLinux 8 : resource-agents (ALSA-2021:4139)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4139 advisory. - An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML SML...

AlmaLinux 8 : dnf (ALSA-2021:4464)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4464 advisory. - A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can...

AlmaLinux 8 : fwupd (ALSA-2021:2566)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:2566 advisory. - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw...

AlmaLinux 8 : python3 (ALSA-2020:4433)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4433 advisory. - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This occurs in...

AlmaLinux 8 : sane-backends (ALSA-2021:1744)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1744 advisory. - A NULL pointer dereference in saneiepsonnetread in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cau...

AlmaLinux 8 : python-pip (ALSA-2021:4455)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4455 advisory. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different...

AlmaLinux 8 : libuv (ALSA-2021:3075)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:3075 advisory. - Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and...