MiracleLinux 9 : buildah-1.31.5-1.el9_3 (AXSA:2024-7725:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7725:02 advisory. buildah: full container escape at build time CVE-2024-1753 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : python3.9-3.9.18-1.el9 (AXSA:2023-6804:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6804:05 advisory. python: tarfile module directory traversal CVE-2007-4559 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : java-11-openjdk-11.0.12.0.7-0.el8 (AXSA:2021-2247:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2247:11 advisory. OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient t...

MiracleLinux 7 : polkit-0.112-26.el7.1 (AXSA:2022-3017:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3017:01 advisory. polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector CVE-2021-4034 Tenable has extracted the preceding description block...

MiracleLinux 8 : perl-HTTP-Tiny-0.074-2.el8 (AXSA:2023-7126:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7126:02 advisory. http-tiny: insecure TLS cert default CVE-2023-31486 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : libvncserver-0.9.11-15.el8.1 (AXSA:2020-527:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-527:03 advisory. libvncserver: websocket decoding buffer overflow CVE-2017-18922 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python3.11-3.11.2-2.el8.2 (AXSA:2023-6479:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6479:04 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : edk2-20200602gitca407c7246bf-4.el8.1 (AXSA:2021-2183:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2183:03 advisory. edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : openssh-8.7p1-38.el9.ML.2 (AXSA:2024-8500:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8500:05 advisory. - Possible remote code execution due to a race condition in signal handling CVE-2024-6387, regreSSHion CVEs: CVE-2024-6387 Tenable has extracted the precedin...

MiracleLinux 9 : thunderbird-115.8.0-1.el9_3.ML.1 (AXSA:2024-7564:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7564:06 advisory. Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.382.b05-2.el9.ML.1 (AXSA:2023-6265:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6265:17 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

MiracleLinux 9 : postgresql-13.16-1.el9_4 (AXSA:2024-8734:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8734:04 advisory. postgresql: PostgreSQL relation replacement during pgdump executes arbitrary SQL CVE-2024-7348 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : xmlrpc-c-1.51.0-9.el8_10 (AXSA:2024-8511:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8511:01 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 CVE-2023-52425 libexpat through 2.5.0 allows a denial of service resource...

MiracleLinux 9 : dovecot-2.3.16-7.el9 (AXSA:2023-4711:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4711:01 advisory. dovecot: Privilege escalation when similar master and non-master passdbs are used CVE-2022-30550 Tenable has extracted the preceding description block direct...

MiracleLinux 7 : libqb-1.0.1-9.el7 (AXSA:2020-4550:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4550:01 advisory. libqb: Insecure treatment of IPC temporary files CVE-2019-12779 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : firefox-102.14.0-1.0.1.el7.AXS7 (AXSA:2023-6310:27)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6310:27 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 8 : cloud-init-20.3-10.el8.5 (AXSA:2021-2312:08)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2312:08 advisory. cloud-init: randomly generated passwords logged in clear-text to world-readable file CVE-2021-3429 Tenable has extracted the preceding description block...

MiracleLinux 9 : ruby-3.0.7-162.el9_4 (AXSA:2024-8427:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8427:02 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

MiracleLinux 9 : flatpak-1.12.8-1.el9 (AXSA:2023-6670:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6670:03 advisory. flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console CVE-2023-28100 flatpak: Metadata with ANSI control codes can...

MiracleLinux 7 : httpd-2.4.6-99.1.0.2.el7.AXS7 (AXSA:2024-8700:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8700:04 advisory. CVE-2024-38474: modrewrite: server weakness with encoded question marks in backreferences CVE-2024-38475: modrewrite: server weakness in modrewrite...