MiracleLinux 9 : dotnet6.0-6.0.125-1.el9_3.ML.1 (AXSA:2023-7090:29)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7090:29 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 8 : rsync-3.1.3-19.el8 (AXSA:2022-4191:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4191:08 advisory. zlib: heap-based buffer over-read and overflow in inflate in inflate.c via a large gzip header extra field CVE-2022-37434 Tenable has extracted the preceding...

MiracleLinux 9 : mutt-2.2.6-2.el9 (AXSA:2024-7936:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7936:01 advisory. mutt: null pointer dereference CVE-2023-4874 mutt: null pointer dereference CVE-2023-4875 Tenable has extracted the preceding description block...

MiracleLinux 9 : device-mapper-multipath-0.8.7-7.el9.1 (AXSA:2022-4131:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4131:06 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 9 : qt5-qtbase-5.15.9-10.el9_4 (AXSA:2024-8586:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8586:04 advisory. qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 Tenable has extracted the preceding description block directly fro...

MiracleLinux 7 : postgresql-9.2.24-8.el7 (AXSA:2022-3279:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3279:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

MiracleLinux 7 : firefox-78.12.0-1.0.1.el7.AXS7 (AXSA:2021-2225:16)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2225:16 advisory. Mozilla: Use-after-free in accessibility features of a document CVE-2021-29970 Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12...

MiracleLinux 9 : thunderbird-128.4.0-1.el9_5.ML.2 (AXSA:2024-9408:29)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9408:29 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 firefox: thunderbird: History interface could have been used to...

MiracleLinux 8 : grafana-7.3.6-2.el8 (AXSA:2021-2087:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2087:03 advisory. crewjam/saml: authentication bypass in saml authentication CVE-2020-27846 grafana: XSS via a query alias for the Elasticsearch and Testdata datasour...

MiracleLinux 8 : postgresql:13 (AXSA:2022-2993:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2993:01 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214...

MiracleLinux 8 : squid:4 (AXSA:2024-7632:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7632:01 advisory. squid: denial of service in HTTP header parser CVE-2024-25617 squid: Denial of Service in HTTP Chunked Decoding CVE-2024-25111 squid: denial of...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.362.b08-1.el7 (AXSA:2023-4855:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4855:02 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 9 : python3.11-setuptools-65.5.1-2.el9_4.1 (AXSA:2024-8653:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8653:01 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

MiracleLinux 7 : dpdk-18.11.8-2.el7 (AXSA:2023-4760:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4760:01 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...

MiracleLinux 7 : pki-core-10.5.18-32.el7 (AXSA:2024-8569:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8569:03 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : firefox-102.7.0-1.el9.ML.1 (AXSA:2023-5064:08)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5064:08 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...

MiracleLinux 8 : ruby:2.5 (AXSA:2024-9315:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9315:01 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : ipa-4.6.8-5.17.0.1.el7.AXS7 (AXSA:2024-8141:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8141:06 advisory. ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force CVE-2024-3183 Tenable has extracted the preceding descriptio...

MiracleLinux 7 : xorg-x11-server-1.20.4-29.el7 (AXSA:2024-7672:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7672:03 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...

MiracleLinux 7 : spamassassin-3.4.0-6.el7 (AXSA:2020-599:03)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-599:03 advisory. spamassassin: crafted email message can lead to DoS CVE-2019-12420 CVE-2019-12420 In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to us...