MiracleLinux 8 : postgresql:13 (AXSA:2023-6336:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6336:01 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-8558:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8558:01 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which...

MiracleLinux 9 : bluez-5.72-2.el9 (AXSA:2024-9114:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9114:01 advisory. bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution CVE-2023-45866 BlueZ: Audio Profile AVRCP...

MiracleLinux 9 : openexr-3.1.1-2.el9_4.1 (AXSA:2024-8955:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8955:01 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : edk2-20221207gitfff6d81270b5-9.el9 (AXSA:2023-5456:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5456:02 advisory. openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 edk2: integer underflow in SmmEntryPoint function leads to potential SMM...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-7436:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7436:01 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : firefox-78.8.0-1.0.1.AXS4 (AXSA:2021-1566:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1566:06 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

MiracleLinux 8 : grafana-pcp-5.1.1-9.el8_10 (AXSA:2024-9021:07)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9021:07 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 4 : rh-python36-python-pip-9.0.1-5.AXS4, rh-python36-python-3.6.12-1.AXS4, rh-python36-python-virtualenv-15.1.0-3.AXS4 (AXSA:2020-818:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-818:02 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 python: CRLF injection via the host part of the url...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : libtiff-4.0.9-31.el8 (AXSA:2024-8169:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8169:02 advisory. libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c CVE-2022-4645 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : thunderbird-128.3.0-1.el9_4.ML.1 (AXSA:2024-8890:22)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8890:22 advisory. thunderbird: 115.16/128.3 firefox: thunderbird: Specially crafted WebTransport requests could lead to denial of service CVE-2024-9399 firefox:...

MiracleLinux 8 : dotnet5.0-5.0.208-1.el8.ML.1 (AXSA:2021-2473:12)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2473:12 advisory. dotnet: System.DirectoryServices.Protocols.LdapConnection sends credentials in plaintext if TLS handshake fails CVE-2021-41355 Tenable has extracted the...

MiracleLinux 8 : libtiff-4.0.9-26.el8 (AXSA:2023-4774:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4774:01 advisory. LibTiff: DoS from Divide By Zero Error CVE-2022-2056, CVE-2022-2057, CVE-2022-2058 libtiff: Double free or corruption in rotateImage function at...

MiracleLinux 8 : webkit2gtk3-2.36.7-1.el8.2 (AXSA:2023-5159:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5159:04 advisory. webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 Tenable has extracted the preceding...

MiracleLinux 7 : lftp-4.4.8-12.el7 (AXSA:2020-4561:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4561:02 advisory. lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : dbus-1.12.8-24.el8.1 (AXSA:2023-6317:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6317:06 advisory. dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered CVE-2023-34969 CVEs: CVE-2023-34969 Tenable h...

MiracleLinux 8 : NetworkManager-libreswan-1.2.10-7.el8_10 (AXSA:2024-8943:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8943:06 advisory. NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : postgresql:12 (AXSA:2024-7394:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7394:01 advisory. postgresql: Buffer overrun from integer overflow in array modification CVE-2023-5869 postgresql: Memory disclosure in aggregate function calls...

MiracleLinux 9 : dotnet6.0-6.0.113-1.el9.ML.1 (AXSA:2023-4989:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4989:05 advisory. dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process CVE-2023-21538 Tenable has extracted the preceding...