MiracleLinux 8 : nodejs:14 (AXSA:2021-2343:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2343:01 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

MiracleLinux 8 : dotnet7.0-7.0.107-1.el8.ML.1 (AXSA:2023-6203:20)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6203:20 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

MiracleLinux 9 : libksba-1.5.1-5.el9 (AXSA:2022-4086:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4086:03 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : libsndfile-1.0.28-14.el8 (AXSA:2024-8260:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8260:02 advisory. libsndfile: integer overflow in src/mat4.c and src/au.c leads to DoS CVE-2022-33065 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : grafana-9.2.10-7.el8.ML.1 (AXSA:2023-7309:12)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7309:12 advisory. grafana: account takeover possible when using Azure AD OAuth CVE-2023-3128 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 8 : firefox-102.3.0-6.el8.ML.1 (AXSA:2022-3893:24)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3893:24 advisory. Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing non-UTF-8 URLs in threads...

MiracleLinux 8 : libpq-12.5-1.el8 (AXSA:2021-1461:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1461:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: psql's \gset allows overwriting specially treated...

MiracleLinux 8 : rust-toolset:rhel8 (AXSA:2022-3550:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3550:02 advisory. rust: Race condition in removedirall leading to removal of files outside of the directory being removed CVE-2022-21658 Tenable has extracted the preceding...

MiracleLinux 9 : thunderbird-102.15.0-1.el9.ML.1 (AXSA:2023-6387:25)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6387:25 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

MiracleLinux 9 : curl-7.76.1-14.el9.5.ML.1 (AXSA:2022-4407:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4407:05 advisory. curl: HTTP compression denial of service CVE-2022-32206 curl: Unpreserved file permissions CVE-2022-32207 curl: FTP-KRB bad message verification...

MiracleLinux 8 : sysstat-11.7.3-11.el8 (AXSA:2023-7101:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7101:05 advisory. sysstat: checkoverflow function can work incorrectly that lead to an overflow CVE-2023-33204 Tenable has extracted the preceding description block directly...

MiracleLinux 9 : libreswan-4.9-2.el9 (AXSA:2023-5981:06)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5981:06 advisory. libreswan: remote DoS via crafted TS payload with an incorrect selector length CVE-2023-23009 Tenable has extracted the preceding description block directly...

MiracleLinux 4 : unbound-1.4.20-29.AXS4.1 (AXSA:2020-179:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-179:03 advisory. unbound: amplification of an incoming query into a large number of queries directed to a target CVE-2020-12662 unbound: infinite loop via malformed D...

MiracleLinux 9 : xorg-x11-server-1.20.11-11.el9, xorg-x11-server-Xwayland-21.1.3-3.el9 (AXSA:2023-4916:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4916:01 advisory. xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access CVE-2022-2319 xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.251-2.6.21.0.0.1.el7.AXS7 (AXSA:2020-4487:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4487:02 advisory. OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS Security, 8229951 CVE-2020-2601 OpenJDK: Serialization filter changes via jdk.serialFilter...

MiracleLinux 7 : python-2.7.5-88.0.1.el7.AXS7 (AXSA:2020-4713:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4713:15 advisory. python: Cookie domain check returns incorrect results CVE-2018-20852 python: email.utils.parseaddr wrongly parses email addresses CVE-2019-16056...

MiracleLinux 9 : firefox-115.7.0-1.el9_3.ML.1 (AXSA:2024-7504:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7504:07 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

MiracleLinux 8 : systemd-239-45.el8.2 (AXSA:2021-2239:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2239:07 advisory. systemd: uncontrolled allocation on the stack in function unitnamepathescape leads to crash CVE-2021-33910 Tenable has extracted the preceding description...

MiracleLinux 8 : SDL-1.2.15-38.el8 (AXSA:2021-1321:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1321:01 advisory. SDL: buffer over-read in IMAADPCMnibble in audio/SDLwave.c CVE-2019-7572 SDL: heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c...

MiracleLinux 9 : krb5-1.20.1-8.el9 (AXSA:2023-5393:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5393:04 advisory. Kerberos: delegation constrain bypass in S4U2Proxy CVE-2020-17049 Tenable has extracted the preceding description block directly from the MiracleLinux securi...