MiracleLinux 8 : libreoffice-6.0.6.1-20.el8 (AXSA:2020-840:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-840:02 advisory. libreoffice: Insufficient URL validation allowing LibreLogo script execution CVE-2019-9850 libreoffice: LibreLogo global-event script execution...

MiracleLinux 9 : harfbuzz-2.7.4-10.el9 (AXSA:2024-7815:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7815:01 advisory. harfbuzz: allows attackers to trigger On^2 growth via consecutive marks CVE-2023-25193 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : libreoffice-7.1.8.1-8.el9.ML.1 (AXSA:2023-5035:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5035:03 advisory. libreoffice: Macro URL arbitrary script execution CVE-2022-3140 libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation...

MiracleLinux 7 : libpng-1.5.13-8.el7 (AXSA:2020-552:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-552:01 advisory. libpng: does not check length of chunks against user limit CVE-2017-12652 CVE-2017-12652 libpng before 1.6.32 does not properly check the length of chunks...

MiracleLinux 8 : xmlrpc-c-1.51.0-5.el8.1 (AXSA:2022-3167:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3167:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 Tenable has extracted the preceding description block...

MiracleLinux 9 : kernel-5.14.0-162.23.1.el9_1 (AXSA:2023-5296:12)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5296:12 advisory. kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python-pillow-5.1.1-10.el8 (AXSA:2020-206:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-206:02 advisory. python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c CVE-2020-5311 python-pillow: improperly restricted operations on memory...

MiracleLinux 7 : libreoffice-5.3.6.1-19.el7 (AXSA:2019-3546:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3546:01 advisory. libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document CVE-2018-10119 libreoffice:...

MiracleLinux 9 : libwebp-1.2.0-7.el9 (AXSA:2023-6426:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6426:04 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : dnsmasq-2.76-17.3.0.1.el7.AXS7 (AXSA:2024-8624:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8624:05 advisory. change EDNS.0 UDP packet size from 4096 to 1232 CVE-2023-28450 CVEs: CVE-2023-28450 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS....

MiracleLinux 8 : unbound-1.16.2-5.el8_9.2 (AXSA:2024-7555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7555:01 advisory. bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resourc...

MiracleLinux 9 : pam-1.5.1-21.el9_5 (AXSA:2024-9471:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9471:07 advisory. pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : bind-9.11.36-11.el8_9.1, dhcp-4.3.6-49.el8_9.1.ML.1 (AXSA:2024-7687:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7687:01 advisory. bind9: Parsing large DNS messages may cause excessive CPU load CVE-2023-4408 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator...

MiracleLinux 8 : emacs-26.1-10.el8.2 (AXSA:2023-6141:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6141:08 advisory. emacs: Regression of CVE-2023-28617 fixes in the Asianux Server CVE-2023-2491 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : thunderbird-102.15.1-1.el9.ML.1 (AXSA:2023-6449:27)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6449:27 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : frr-7.5.1-22.el8 (AXSA:2024-8242:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8242:05 advisory. frr: missing length check in bgpattrpsidsub can lead do DoS CVE-2023-31490 frr: processes invalid NLRIs if attribute length is zero CVE-2023-41358...

MiracleLinux 8 : dotnet6.0-6.0.110-1.el8.ML.1 (AXSA:2022-3895:13)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3895:13 advisory. dotnet: Nuget cache poisoning on Linux via world-writable cache directory CVE-2022-41032 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : firefox-102.3.0-6.el9.ML.1 (AXSA:2022-4111:35)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4111:35 advisory. Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing non-UTF-8 URLs in threads...

MiracleLinux 7 : mariadb-5.5.68-1.el7 (AXSA:2020-660:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-660:02 advisory. mysql: Server: Optimizer unspecified vulnerability CPU Oct 2019 CVE-2019-2974 mysql: C API unspecified vulnerability CPU Apr 2020 CVE-2020-2752 mysql...

MiracleLinux 9 : rpm-4.16.1.3-27.el9_3 (AXSA:2024-7473:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7473:01 advisory. rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls during installation CVE-2021-35938 rpm:...