MiracleLinux 9 : squid-5.2-1.el9.1 (AXSA:2022-4015:03)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4015:03 advisory. squid: DoS when processing gopher server responses CVE-2021-46784 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 9 : golang-1.18.9-1.el9, go-toolset-1.18.9-1.el9 (AXSA:2023-4904:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4904:01 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

MiracleLinux 8 : mod_auth_openidc:2.3 (AXSA:2023-7316:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7316:01 advisory. modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character CVE-2022-23527 modauthopenidc: NULL pointer dereference when...

MiracleLinux 8 : kernel-4.18.0-348.el8 (AXSA:2021-2785:26)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2785:26 advisory. kernel: out-of-bounds reads in pinctrl subsystem CVE-2020-0427 kernel: Improper input validation in some IntelR Ethernet E810 Adapter drivers...

MiracleLinux 9 : open-vm-tools-11.3.5-1.el9.1 (AXSA:2022-4085:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4085:04 advisory. open-vm-tools: local root privilege escalation in the virtual machine CVE-2022-31676 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : freerdp-2.2.0-7.el8 (AXSA:2021-2822:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2822:04 advisory. freerdp: improper client input validation for gateway connections allows to overwrite memory CVE-2021-41159 freerdp: improper region checks in all...

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.362.b09-2.el9 (AXSA:2023-5054:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5054:05 advisory. OpenJDK: improper restrictions in CORBA deserialization Serialization, 8285021 CVE-2023-21830 OpenJDK: soundbank URL remote loading Sound, 8293742...

MiracleLinux 8 : webkit2gtk3-2.36.7-1.el8.2 (AXSA:2023-5159:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5159:04 advisory. webkitgtk: processing maliciously crafted web content may be exploited for arbitrary code execution CVE-2023-23529 Tenable has extracted the preceding...

MiracleLinux 8 : kernel-4.18.0-372.26.1.el8_6 (AXSA:2022-3848:14)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3848:14 advisory. Incomplete cleanup of multi-core shared buffers aka SBDR CVE-2022-21123 Incomplete cleanup of microarchitectural fill buffers aka SBDS CVE-2022-2112...

MiracleLinux 7 : ntp-4.2.6p5-29.2.0.1.el7.AXS7 (AXSA:2020-199:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-199:01 advisory. ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS CVE-2020-13817 ntp: DoS on client ntpd using server mode...

MiracleLinux 9 : python3.11-3.11.2-2.el9.2 (AXSA:2023-6478:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6478:03 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 7 : krb5-1.15.1-55.0.1.el7.AXS7 (AXSA:2024-8882:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8882:05 advisory. CVE-2024-37370: prevent modification of Extra Count field in GSS krb5 wrap token to avoid appearing truncated to application CVE-2024-37371: fix...

MiracleLinux 8 : tigervnc-1.13.1-14.el8_10 (AXSA:2024-9015:15)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9015:15 advisory. xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability CVE-2024-9632 Tenable has extracted the preceding description block...

MiracleLinux 8 : python-pillow-5.1.1-18.el8_9.1.ML.1 (AXSA:2024-7539:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7539:03 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : libvpx-1.9.0-8.el9_5 (AXSA:2024-9404:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9404:02 advisory. libvpx: Integer overflow in vpximgalloc CVE-2024-5197 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : nss-3.67.0-7.el8 (AXSA:2021-2574:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2574:07 advisory. nss: Memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS CVE-2021-43527 Tenable has extracted the preceding description block directl...

MiracleLinux 8 : krb5-1.18.2-8.el8 (AXSA:2021-1843:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1843:01 advisory. krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1encode.c may lead to DoS CVE-2020-28196 Tenable has extracted the...

MiracleLinux 7 : tomcat-7.0.76-12.el7 (AXSA:2020-138:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-138:02 advisory. tomcat: deserialization flaw in session persistence storage leading to RCE CVE-2020-9484 Tenable has extracted the preceding description block directly from t...

MiracleLinux 9 : dotnet6.0-6.0.113-1.el9.ML.1 (AXSA:2023-4989:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4989:05 advisory. dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process CVE-2023-21538 Tenable has extracted the preceding...

MiracleLinux 8 : cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8 (AXSA:2023-6087:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6087:04 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...