CentOS 7 : firefox (RHSA-2022:4870)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4870 advisory. - A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.1...
CentOS 7 : kernel (RHSA-2022:5232)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5232 advisory. - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root...
CentOS 8 : go-toolset:rhel8 (CESA-2022:5337)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:5337 advisory. - golang: encoding/pem: fix stack overflow in Decode CVE-2022-24675 - golang: regexp: stack exhaustion via a deeply nested expression CVE-2022-24921 -...
CentOS 8 : squid:4 (CESA-2022:1939)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:1939 advisory. - squid: out-of-bounds read in WCCP protocol data may lead to information disclosure CVE-2021-28116 Note that Nessus has not tested for this issue but has inste...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2022:1759)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1759 advisory. - QEMU: block: fdc: null pointer dereference may lead to guest crash CVE-2021-20196 - ntfs-3g: Out-of-bounds heap buffer access in ntfs_get_attribute_valu...
CentOS 8 : c-ares (CESA-2022:2043)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2043 advisory. - c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Note that Nessus has not tested for this issue but has instead relie...
CentOS 8 : webkit2gtk3 (CESA-2022:1777)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1777 advisory. - webkitgtk: Use-after-free leading to arbitrary code execution CVE-2021-30809 - webkitgtk: Type confusion issue leading to arbitrary code execution...
CentOS 8 : vim (CESA-2022:0366)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:0366 advisory. - vim: heap-based buffer overflow in win_redr_status in drawscreen.c CVE-2021-3872 - vim: illegal memory access in find_start_brace in cindent.c when...
Exploit for Incomplete Cleanup in Linux Linux_Kernel
CVE-2021-4032-NoGCC Test in: Ubuntu 20...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4032-NoGCC Test in: Ubuntu 20...
CentOS 8 : firefox (CESA-2022:0130)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:0130 advisory. - Mozilla: Iframe sandbox bypass with XSLT CVE-2021-4140 - Mozilla: Race condition when playing audio files CVE-2022-22737 - Mozilla:...
CentOS 8 : thunderbird (CESA-2021:5045)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:5045 advisory. - Mozilla: JavaScript unexpectedly enabled for the composition area CVE-2021-43528 - Mozilla: URL leakage when navigating while executing asynchronous...
CentOS 7 : openssh (RHSA-2021:4782)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4782 advisory. - sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not...
CentOS 7 : openssl (RHSA-2021:3798)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3798 advisory. - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close...
CentOS 8 : gcc (CESA-2021:4587)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4587 advisory. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 Note that Nessus has not tested for thi...
CentOS 8 : python27:2.7 (CESA-2021:4151)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4151 advisory. - python: Unsafe use of eval on data retrieved via HTTP in the test suite CVE-2020-27619 - python-jinja2: ReDoS vulnerability in the urlize filter...
CentOS 8 : go-toolset:rhel8 (CESA-2021:4156)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4156 advisory. - golang: net: lookup functions may return invalid host names CVE-2021-33195 - golang: net/http/httputil: ReverseProxy forwards connection headers if...
CentOS 8 : mutt (CESA-2021:4181)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:4181 advisory. - mutt: Incorrect handling of invalid initial IMAP responses could lead to an authentication attempt over unencrypted connection CVE-2020-28896 - mutt:...
CentOS 8 : gnutls and nettle (CESA-2021:4451)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4451 advisory. - gnutls: Use after free in client keyshare extension CVE-2021-20231 - gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.c...
CentOS 8 : binutils (CESA-2021:4364)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4364 advisory. - binutils: Race window allows users to own arbitrary files CVE-2021-20197 - binutils: Heap-based buffer overflow in bfd_getl_signed_32 in libbfd.c becaus...