MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...

MiracleLinux 8 : libssh-0.9.4-2.el8 (AXSA:2021-1281:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1281:01 advisory. libssh: denial of service when handling AES-CTR or DES ciphers CVE-2020-1730 libssh: unsanitized location in scp could lead to unwanted command...

MiracleLinux 7 : gtk3-3.22.30-8.0.1.el7.AXS7 (AXSA:2024-8937:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8937:02 advisory. CVE-2024-6655: fix loading library from unstrusted search path CVEs: CVE-2024-6655 A flaw was found in the GTK library. Under certain conditions, it is...

MiracleLinux 8 : pesign-0.112-27.el8 (AXSA:2023-5253:04)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5253:04 advisory. pesign: Local privilege escalation on pesign systemd service CVE-2022-3560 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 9 : gdb-10.2-11.el9 (AXSA:2023-6781:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6781:02 advisory. libiberty: Heap/stack buffer overflow in the dlanglname function in d-demangle.c CVE-2021-3826 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : grub2-2.02-142.el8.1.ML.1 (AXSA:2023-4726:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4726:01 advisory. grub2: Buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 grub2: Heap based...

MiracleLinux 8 : unbound-1.7.3-15.el8 (AXSA:2021-2060:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2060:02 advisory. unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 unbound: integer overflow in sldnsstr2wirednamebuforigin can le...

MiracleLinux 9 : kernel-5.14.0-503.14.1.el9_5 (AXSA:2024-9508:43)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9508:43 advisory. kernel: net: nexthop: Initialize all fields in dumped nexthops CVE-2024-42283 kernel: iommufd: Require drivers to supply the cacheinvalidateuser ops...

MiracleLinux 9 : keylime-7.3.0-13.el9_3 (AXSA:2024-7584:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7584:01 advisory. keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 Tenable has extracted the preceding description block directly from t...

MiracleLinux 9 : firefox-102.13.0-2.el9.ML.1 (AXSA:2023-6244:26)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6244:26 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

MiracleLinux 8 : libtiff-4.0.9-28.el8 (AXSA:2023-6178:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6178:06 advisory. libtiff: heap-based buffer overflow in processCropSelections in tools/tiffcrop.c CVE-2022-48281 Tenable has extracted the preceding description block directl...

MiracleLinux 9 : sysstat-12.5.4-5.el9 (AXSA:2023-5796:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5796:03 advisory. sysstat: arithmetic overflow in allocatestructures on 32 bit systems CVE-2022-39377 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python3.11-3.11.9-7.el9 (AXSA:2024-9265:28)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9265:28 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: cpython: Iterating over a malicious ZIP fil...

MiracleLinux 9 : firefox-115.13.0-3.el9_4.ML.1 (AXSA:2024-8564:24)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8564:24 advisory. Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 CVE-2024-6604 Mozilla: Race condition in permission...

MiracleLinux 7 : python-pillow-2.0.0-21.gitd1c6db8.el7 (AXSA:2020-560:04)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-560:04 advisory. python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-5313 Tenable has extracted the preceding description block directly fro...

MiracleLinux 8 : dotnet6.0-6.0.118-1.el8.ML.1 (AXSA:2023-6205:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6205:16 advisory. dotnet: .NET Kestrel: Denial of Service processing X509 Certificates CVE-2023-29331 dotnet: vulnerability exists in NuGet where a potential race...

MiracleLinux 7 : httpd-2.4.6-99.1.0.3.el7.AXS7 (AXSA:2024-8720:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8720:05 advisory. CVE-2024-39884: modules: source code disclosure with handlers configured via AddType. Resolving regression introduced by CVE-2024-38476 fix...

MiracleLinux 4 : thunderbird-68.10.0-1.AXS4 (AXSA:2020-225:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-225:05 advisory. Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 Mozilla:...

MiracleLinux 8 : cryptsetup-2.3.3-2.el8 (AXSA:2021-1216:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1216:01 advisory. cryptsetup: Out-of-bounds write when validating segments CVE-2020-14382 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : qemu-kvm-8.2.0-11.el9 (AXSA:2024-7897:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7897:02 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 QEMU: VNC: infinite loop in inflatebuffer leads to denial of service...