MiracleLinux 8 : postgresql:16 (AXSA:2024-8740:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8740:01 advisory. postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during...

MiracleLinux 7 : flatpak-1.0.9-13.el7 (AXSA:2024-8386:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8386:04 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : thunderbird-102.15.0-1.el9.ML.1 (AXSA:2023-6387:25)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6387:25 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

MiracleLinux 8 : freetype-2.9.1-4.el8.1 (AXSA:2021-1386:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1386:01 advisory. freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng CVE-2020-15999 Tenable has extracted the preceding description block directly...

MiracleLinux 9 : podman-5.6.0-9.el9_7 (AXSA:2025-11612:13)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11612:13 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : dotnet6.0-6.0.120-1.el9.ML.1 (AXSA:2023-6235:18)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6235:18 advisory. dotnet: race condition in Core SignInManager PasswordSignInAsync method CVE-2023-33170 Tenable has extracted the preceding description block directly from th...

MiracleLinux 7 : 389-ds-base-1.3.10.2-15.el7 (AXSA:2022-3083:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3083:01 advisory. 389-ds-base: double-free of the virtual attribute context in persistent search CVE-2021-4091 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : firefox-102.3.0-6.el8.ML.1 (AXSA:2022-3893:24)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3893:24 advisory. Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing non-UTF-8 URLs in threads...

MiracleLinux 9 : webkit2gtk3-2.38.5-1.el9.2 (AXSA:2023-5997:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5997:11 advisory. webkitgtk: a use-after-free when processing maliciously crafted web content CVE-2023-32373 webkitgtk: an out-of-bounds read when processing maliciou...

MiracleLinux 9 : libuv-1.42.0-2.el9_4 (AXSA:2024-8597:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8597:02 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : python3-3.6.8-51.el8.2.ML.1 (AXSA:2023-6551:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6551:06 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 4 : firefox-78.12.0-1.0.1.AXS4 (AXSA:2021-2238:17)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2238:17 advisory. Mozilla: Use-after-free in accessibility features of a document CVE-2021-29970 Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12...

MiracleLinux 8 : grafana-9.2.10-7.el8.ML.1 (AXSA:2023-7309:12)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7309:12 advisory. grafana: account takeover possible when using Azure AD OAuth CVE-2023-3128 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 9 : thunderbird-128.4.0-1.el9_4.ML.1 (AXSA:2024-8973:27)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8973:27 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox:...

MiracleLinux 8 : libreoffice-6.4.7.2-10.el8.ML.1 (AXSA:2022-3720:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3720:01 advisory. libreoffice: Content Manipulation with Double Certificate Attack CVE-2021-25633 libreoffice: Timestamp Manipulation with Signature Wrapping...

MiracleLinux 7 : wireshark-1.10.14-24.el7 (AXSA:2020-4562:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4562:01 advisory. wireshark: Out-of-bounds read in packet-ldss.c CVE-2018-11362 wireshark: Multiple dissectors could crash wnpa-sec-2018-36 CVE-2018-14340 wireshark:...

MiracleLinux 7 : postgresql-9.2.24-6.el7 (AXSA:2021-1738:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1738:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 7 : kernel-3.10.0-1160.49.1.el7 (AXSA:2021-2571:25)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2571:25 advisory. kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free CVE-2020-36385 Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : jss-5.3.0-1.el9, ldapjdk-5.3.0-1.el9, pki-core-11.3.0-1.el9, tomcatjss-8.3.0-1.el9 (AXSA:2023-5762:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5762:01 advisory. pki-core: When using the caServerKeygenDirUserCert profile, user can get certificates for other UIDs by entering name in Subject field CVE-2022-2393 Tenable...

MiracleLinux 8 : go-toolset:rhel8 delve-1.8.3-1.module+el8+1585+5d99e9d3, golang-1.18.9-1.module+el8+1585+5d99e9d3, go-toolset-1.18.9-1.module+el8+1585+5d99e9d3 (AXSA:2023-4877:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4877:01 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...