CentOS 9 : ncurses-6.2-10.20210508.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ncurses-6.2-10.20210508.el9 build changelog. - ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via...
CentOS 9 : virt-v2v-2.2.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the virt-v2v-2.2.0-5.el9 build changelog. - A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the getkeys functio...
CentOS 9 : texlive-20200406-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the texlive-20200406-26.el9 build changelog. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs...
CentOS 9 : net-snmp-5.9.1-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the net-snmp-5.9.1-9.el9 build changelog. - handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used ...
CentOS 7 : thunderbird (RHSA-2024:0957)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0957 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...
CentOS 9 : python3.11-pip-22.3.1-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.11-pip-22.3.1-4.el9 build changelog. - Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote...
CentOS 9 : nodejs-16.16.0-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the nodejs-16.16.0-1.el9 build changelog. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs...
CentOS 9 : tomcat-9.0.62-14.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tomcat-9.0.62-14.el9 build changelog. - not including the secure attribute causes information CVE-2023-28708 - The fix for CVE-2023-24998 was incomplete for Apache Tomcat...
CentOS 9 : vim-8.2.2637-20.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the vim-8.2.2637-20.el9 build changelog. - no check if the return value of XChangeGC is NULL (CVE-2022-47024). Note that Nessus has not tested for this issue but has instead relied only on the...
CentOS 9 : unbound-1.16.2-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the unbound-1.16.2-3.el9 build changelog. - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The...
CentOS 9 : pixman-0.40.0-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pixman-0.40.0-6.el9 build changelog. - In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow...
CentOS 9 : libxml2-2.9.13-2.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libxml2-2.9.13-2.el9 build changelog. - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can resu...
CentOS 9 : swtpm-0.7.0-2.20211109gitb79fd91.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the swtpm-0.7.0-2.20211109gitb79fd91.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, an...
CentOS 9 : sysstat-12.5.4-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the sysstat-12.5.4-4.el9 build changelog. - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,...
CentOS 9 : xorg-x11-server-Xwayland-21.1.3-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the xorg-x11-server-Xwayland-21.1.3-5.el9 build changelog. - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in...
CentOS 9 : openssl-3.0.7-20.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssl-3.0.7-20.el9 build changelog. - Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications...
CentOS 9 : ruby-3.0.2-155.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ruby-3.0.2-155.el9 build changelog. - Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, whic...
CentOS 9 : grafana-9.0.9-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-1.el9 build changelog. - XSS (CVE-2021-23648) - Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users...
CentOS 9 : xorg-x11-server-1.20.11-18.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the xorg-x11-server-1.20.11-18.el9 build changelog. - A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destro...
CentOS 9 : wavpack-5.4.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the wavpack-5.4.0-5.el9 build changelog. - heap Out-of-bounds Read (CVE-2021-44269). Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...