MiracleLinux 9 : pki-core-11.0.6-2.el9.ML.1 (AXSA:2023-5106:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5106:02 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : container-tools:2.0 (AXSA:2020-866:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-866:01 advisory. buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 Bug Fixes: podman 1.6.4 is not honouring...

MiracleLinux 9 : unbound-1.16.2-2.el9 (AXSA:2023-4630:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4630:01 advisory. unbound: novel ghost domain attack that allows attackers to trigger continued resolvability of malicious domain names CVE-2022-30698 unbound: novel...

MiracleLinux 9 : dotnet6.0-6.0.122-1.el9.ML.1 (AXSA:2023-6423:23)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6423:23 advisory. dotnet: Denial of Service with Client Certificates using .NET Kestrel CVE-2023-36799 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : git-1.8.3.1-23.el7 (AXSA:2020-103:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-103:04 advisory. git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak CVE-2020-11008 Tenable has extracted the preceding description...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2023-6011:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6011:01 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 QEMU: VNC: integer underflow in vncclientcuttextext leads to CPU exhaustion CVE-2022-31...

MiracleLinux 8 : thunderbird-78.14.0-1.el8.ML.1 (AXSA:2021-2414:17)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2414:17 advisory. Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 Tenable has extracted the preceding description block...

MiracleLinux 8 : pacemaker-2.0.4-6.el8.1 (AXSA:2021-1439:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1439:03 advisory. pacemaker: ACL restrictions bypass CVE-2020-25654 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Not...

MiracleLinux 8 : openssl-1.1.1k-6.el8 (AXSA:2022-3132:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3132:04 advisory. openssl: Infinite loop in BNmodsqrt reachable when parsing certificates CVE-2022-0778 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : java-11-openjdk-11.0.17.0.8-2.el9 (AXSA:2022-4117:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4117:18 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...

MiracleLinux 8 : dotnet6.0-6.0.105-1.el8.ML.1 (AXSA:2022-3729:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3729:08 advisory. dotnet: excess memory allocation via HttpClient causes DoS CVE-2022-23267 dotnet: malicious content causes high CPU and memory usage CVE-2022-29117...

MiracleLinux 9 : gstreamer1-plugins-base-1.22.1-3.el9_5 (AXSA:2024-9482:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9482:05 advisory. gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket CVE-2024-47538 gstreamer1-plugins-base:...

MiracleLinux 8 : systemd-239-58.el8.4.ML.1 (AXSA:2022-3787:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3787:08 advisory. systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c CVE-2022-2526 Tenable has extracted the preceding description block...

MiracleLinux 9 : tigervnc-1.12.0-5.el9.1 (AXSA:2023-5025:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5025:04 advisory. xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation CVE-2023-0494 Tenable has extracted the preceding description block...

MiracleLinux 9 : krb5-1.21.1-4.el9 (AXSA:2024-9084:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9084:07 advisory. freeradius: forgery attack CVE-2024-3596 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 8 : mailman:2.1 mailman (AXSA:2021-1560:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1560:01 advisory. mailman: XSS via file attachments in list archives CVE-2020-12137 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 8 : firefox-91.11.0-2.el8.ML.1 (AXSA:2022-3746:19)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3746:19 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...

MiracleLinux 7 : pango-1.42.4-4.el7 (AXSA:2020-060:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-060:01 advisory. pango: pangolog2visgetembeddinglevels heap-based buffer overflow CVE-2019-1010238 CVE-2019-1010238 Gnome Pango 1.42 and later is affected by: Buffer Overflow...

MiracleLinux 8 : postgresql:10 postgresql-10.23-1.module+el8+1581+24b533d8 (AXSA:2023-4747:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4747:01 advisory. postgresql: Extension scripts replace objects not belonging to the extension. CVE-2022-2625 Tenable has extracted the preceding description block directly fr...

MiracleLinux 9 : nss-3.90.0-6.el9_3 (AXSA:2024-7519:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7519:03 advisory. nss: vulnerable to Minerva side-channel information leak CVE-2023-6135 Tenable has extracted the preceding description block directly from the MiracleLinux...