MiracleLinux 4 : thunderbird-78.9.0-3.0.1.AXS4 (AXSA:2021-1624:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1624:05 advisory. Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read CVE-2021-23981 Mozilla: Memory safety bugs fixed in Firefox ...

MiracleLinux 4 : thunderbird-78.9.1-1.0.1.AXS4 (AXSA:2021-1692:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1692:07 advisory. Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key CVE-2021-23991 Mozilla: A crafted OpenPGP key wit...

MiracleLinux 4 : spice-gtk-0.26-8.AXS4.2 (AXSA:2020-4447:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4447:01 advisory. spice-client: Insufficient encoding checks for LZ can cause different integer/buffer overflows CVE-2018-10893 Tenable has extracted the preceding description...

MiracleLinux 4 : thunderbird-78.7.0-1.0.1.AXS4 (AXSA:2021-1432:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1432:01 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 4 : thunderbird-78.11.0-1.0.1.AXS4 (AXSA:2021-1977:10)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1977:10 advisory. Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 CVE-2021-29967 Mozilla: Thunderbird stored OpenPGP secret keys without master...

MiracleLinux 4 : rpm-4.8.0-59.0.2.AXS4 (AXSA:2021-2775:09)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2775:09 advisory. rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : firefox-78.8.0-1.0.1.AXS4 (AXSA:2021-1566:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1566:06 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

MiracleLinux 4 : bind-9.8.2-0.68.8.0.3.rc1.AXS4 (AXSA:2021-1549:05)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1549:05 advisory. bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation CVE-2020-8625 Tenable has extracted the preceding description...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.251-2.6.21.0.AXS4 (AXSA:2020-4483:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4483:01 advisory. OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS Security, 8229951 CVE-2020-2601 OpenJDK: Serialization filter changes via jdk.serialFilter...

MiracleLinux 4 : xterm-253-1.0.1.AXS4 (AXSA:2021-1537:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1537:02 advisory. xterm: crash when processing combining characters CVE-2021-27135 CVEs: CVE-2021-27135 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : firefox-68.12.0-1.0.1.AXS4 (AXSA:2020-279:19)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-279:19 advisory. Mozilla: Attacker-induced prompt for extension installation CVE-2020-15664 Mozilla: Use-After-Free when aborting an operation CVE-2020-15669 Tenable...

MiracleLinux 4 : sudo-1.8.6p3-29.3.0.1.AXS4 (AXSA:2021-1331:03)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1331:03 advisory. sudo: Heap buffer overflow in argument parsing CVE-2021-3156 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 4 : firefox-78.10.0-1.0.1.AXS4 (AXSA:2021-1731:12)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1731:12 advisory. Mozilla: Out of bound write due to lazy initialization CVE-2021-23994 Mozilla: Use-after-free in Responsive Design Mode CVE-2021-23995 Mozilla: More...

MiracleLinux 4 : thunderbird-68.7.0-1.AXS4 (AXSA:2020-4709:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4709:03 advisory. Mozilla: Use-after-free while running the nsDocShell destructor CVE-2020-6819 Mozilla: Use-after-free when handling a ReadableStream CVE-2020-6820...

MiracleLinux 4 : php-5.3.3-50.AXS4 (AXSA:2019-4373:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4373:01 advisory. php: underflow in envpathinfo in fpmmain.c CVE-2019-11043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 4 : unbound-1.4.20-29.AXS4.1 (AXSA:2020-179:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-179:03 advisory. unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12662 unbound: infinite loop via malformed D...

MiracleLinux 4 : microcode_ctl-1.17-33.32.0.3.AXS4 (AXSA:2021-1922:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1922:07 advisory. hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observab...

MiracleLinux 4 : firefox-68.4.1-1.0.1.AXS4 (AXSA:2020-4433:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4433:02 advisory. Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17026 Mozilla: Bypass of @namespace CSS sanitization durin...

MiracleLinux 4 : tomcat6-6.0.24-115.AXS4 (AXSA:2020-136:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-136:02 advisory. tomcat: deserialization flaw in session persistence storage leading to RCE CVE-2020-9484 Tenable has extracted the preceding description block directly from t...

MiracleLinux 4 : thunderbird-78.3.1-1.0.1.AXS4 (AXSA:2020-833:08)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-833:08 advisory. Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 CVE-2020-15673 Mozilla: XSS when pasting attacker-controlled data into a...