CentOS 8 : binutils (CESA-2021:4364)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4364 advisory. - binutils: Race window allows users to own arbitrary files CVE-2021-20197 - binutils: Heap-based buffer overflow in bfdgetlsigned32 in libbfd.c becaus...

CentOS 8 : grafana (CESA-2021:3771)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3771 advisory. - grafana: Snapshot authentication bypass CVE-2021-39226 Note that Nessus has not tested for this issue but has instead relied only on the application's...

Open Game Panel - Remote Code Execution (Authenticated) Exploit

Exploit Title: Open Game Panel - Remote Code Execution RCE Authenticated Google Dork: intext:"Open Game Panel 2021" Exploit Author: prey Vendor Homepage: https://www.opengamepanel.org/ Software Link: https://github.com/OpenGamePanel/OGP-Website Version: before 14 Aug patch...

Open Game Panel - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Open Game Panel - Remote Code Execution RCE Authenticated Google Dork: intext:"Open Game Panel 2021" Date: 08/14/2021 Exploit Author: prey Vendor Homepage: https://www.opengamepanel.org/ Software Link: https://github.com/OpenGamePanel/OGP-Website Version: before 14 Aug patch...

CentOS 7 : thunderbird (RHSA-2021:3160)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:3160 advisory. - Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially exploitable crash. This...

CentOS 8 : libuv (CESA-2021:3075)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3075 advisory. - libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 Note that Nessus has not tested for this issue but ha...

CentOS 8 : nodejs:14 (CESA-2021:3074)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3074 advisory. - libuv: out-of-bounds read in uvidnatoascii can lead to information disclosures or crashes CVE-2021-22918 - nodejs-hosted-git-info: Regular Expression...

Citrix Hypervisor Open Source Licensing and Attribution

The Citrix Hypervisor product is a compilation of software packages. Each package is governed by its own license. The complete licensing terms applicable to a given package can be found in the source RPM of the package, unless the package is covered by a proprietary license which does not permit...

CentOS 8 : linuxptp (CESA-2021:2660)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:2660 advisory. - linuxptp: missing length check of forwarded messages CVE-2021-3570 Note that Nessus has not tested for this issue but has instead relied only on the...

CentOS 8 : nginx:1.18 (CESA-2021:2259)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2259 advisory. - nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Note that Nessus has not tested for this issue...

CentOS 8 : pki-core:10.6 (CESA-2021:2235)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2235 advisory. - pki-server: Dogtag installer pkispawn logs admin credentials into a world-readable log file CVE-2021-3551 Note that Nessus has not tested for this issue but h...

CentOS 8 : kernel (CESA-2021:1578)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1578 advisory. - kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c CVE-2019-18811 - kernel: use-after-free caused by a malicious USB devic...

CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:1762)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1762 advisory. - libvirt: double free in qemuAgentGetInterfaces in qemuagent.c CVE-2020-25637 - QEMU: heap buffer overflow in iscsiaioioctlcb in block/iscsi.c may lea...

CentOS 7 : java-1.8.0-openjdk (RHSA-2021:1298)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1298 advisory. - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are...

CentOS 8 : dotnet3.1 (CESA-2021:0095)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:0095 advisory. - dotnet: ASP.NET Core Callbacks outside of locks cause Krestel deadlock when using HTTP2 CVE-2021-1723 Note that Nessus has not tested for this issue but has...

CentOS 8 : python27:2.7 (CESA-2020:1605)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1605 advisory. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header CVE-2018-18074 - python-urllib3: Cross-host redirect does not remov...

CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4670 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

CentOS 8 : java-1.8.0-openjdk (CESA-2020:1515)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1515 advisory. - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner Scripting, 8223898 CVE-2020-2754 - OpenJDK: Incorrect handling of empty...

CentOS 8 : e2fsprogs (CESA-2020:1913)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1913 advisory. - e2fsprogs: Crafted ext4 partition leads to out-of-bounds write CVE-2019-5094 Note that Nessus has not tested for this issue but has instead relied only on the...

CentOS 8 : firefox (CESA-2020:3557)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3557 advisory. - Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer CVE-2020-12422 - Mozilla: WebRTC permission prompt could have been bypassed by a...