CentOS 9 : pesign-115-6.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the pesign-115-6.el9 build changelog. - A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACL...

CentOS 9 : krb5-1.19.1-22.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the krb5-1.19.1-22.el9 build changelog. - The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c...

CentOS 9 : curl-7.76.1-21.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-21.el9 build changelog. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the...

CentOS 9 : grafana-pcp-3.2.0-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-pcp-3.2.0-2.el9 build changelog. - net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 - io/fs: stack exhaustion in Glob CVE-2022-30630 -...

CentOS 9 : NetworkManager-1.43.10-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the NetworkManager-1.43.10-1.el9 build changelog. - It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path...

CentOS 9 : bind-9.16.23-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-9.el9 build changelog. - Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to ...

CentOS 9 : flatpak-1.12.8-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the flatpak-1.12.8-1.el9 build changelog. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8,...

CentOS 9 : yajl-2.1.0-21.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the yajl-2.1.0-21.el9 build changelog. - yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow whic...

CentOS 9 : polkit-0.117-10.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the polkit-0.117-10.el9 build changelog. - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest...

CentOS 8 : unbound (CESA-2024:0965)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0965 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

CentOS 8 : firefox (CESA-2023:3220)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3220 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

CentOS 8 : thunderbird (CESA-2023:1802)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1802 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted...

CentOS 8 : cups (CESA-2023:7165)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7165 advisory. - OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker ...

CentOS 8 : libreswan (CESA-2023:2122)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:2122 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The...

CentOS 7 : java-11-openjdk (RHSA-2024:0232)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0232 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

CentOS 8 : tomcat (CESA-2024:0125)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0125 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from...

CentOS 8 : openssl (CESA-2023:7877)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7877 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheck...

CentOS 8 : postgresql:12 (CESA-2023:7714)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7714 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quotin...

CentOS 7 : kernel-rt (RHSA-2023:1092)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:1092 advisory. - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anonvma double reuse. CVE-2022-42703 - A stack overflow flaw was fou...

CentOS 7 : thunderbird (RHSA-2023:4062)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4062 advisory. - An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115,...