MiracleLinux 8 : grafana-7.5.15-3.el8 (AXSA:2022-4363:06)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4363:06 advisory. sanitize-url: XSS due to improper sanitization in sanitizeUrl function CVE-2021-23648 golang: net/http: improper sanitization of Transfer-Encoding...

MiracleLinux 9 : butane-0.16.0-1.el9 (AXSA:2023-5817:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5817:02 advisory. golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 golang: math/big: decoding big.Float and big.Rat types can panic if the...

MiracleLinux 8 : thunderbird-102.3.0-3.el8.ML.1 (AXSA:2022-3892:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3892:13 advisory. Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag CVE-2022-3033 Mozilla: Bypassing...

MiracleLinux 9 : varnish-6.6.2-3.el9.1 (AXSA:2023-6534:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6534:03 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

MiracleLinux 8 : perl-5.26.3-419.el8 (AXSA:2021-2044:27)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2044:27 advisory. perl: heap-based buffer overflow in regular expression compiler leads to DoS CVE-2020-10543 perl: corruption of intermediate language state of...

MiracleLinux 8 : lz4-1.8.3-3.el8 (AXSA:2021-2184:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2184:01 advisory. lz4: memory corruption due to an integer overflow bug caused by memmove argument CVE-2021-3520 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : python38:3.8 and python38-devel:3.8 (AXSA:2022-3598:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3598:01 advisory. python: urllib: Regular expression DoS in AbstractBasicAuthHandler CVE-2021-3733 python-lxml: HTML Cleaner allows crafted and SVG embedded scripts t...

MiracleLinux 8 : kernel-4.18.0-425.19.2.el8_7 (AXSA:2023-5273:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5273:11 advisory. kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF...

MiracleLinux 8 : dotnet3.1-3.1.423-1.el8.ML.1 (AXSA:2022-3850:11)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3850:11 advisory. dotnet: DenialOfService - ASP.NET Core MVC vulnerable to stack overflow via ModelStateDictionary recursion. CVE-2022-38013 Tenable has extracted the precedin...

MiracleLinux 8 : ruby:2.5 (AXSA:2022-3087:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3087:01 advisory. rubygem-rdoc: Command injection vulnerability in RDoc CVE-2021-31799 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host...

MiracleLinux 8 : bluez-5.56-3.el8 (AXSA:2022-3444:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3444:01 advisory. bluez: memory leak in the SDP protocol CVE-2021-41229 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : grub2-2.06-46.el9.3.ML.1 (AXSA:2023-5114:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5114:03 advisory. grub2: Buffer overflow in grubfontconstructglyph can lead to out-of-bound write and possible secure boot bypass CVE-2022-2601 grub2: Heap based...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.292.b10-1.el7 (AXSA:2021-1701:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1701:06 advisory. OpenJDK: Incomplete enforcement of JAR signing disabled algorithms 8249906 CVE-2021-2163 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : rh-postgresql13-postgresql-13.5-1.el7 (AXSA:2021-2786:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2786:01 advisory. postgresql: memory disclosure in certain queries CVE-2021-3677 postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214...

MiracleLinux 4 : httpd24-nghttp2-1.7.1-8.AXS4.1 (AXSA:2020-197:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-197:02 advisory. nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8389:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8389:01 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

MiracleLinux 8 : kernel-4.18.0-305.el8 (AXSA:2021-2148:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2148:12 advisory. kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c...

MiracleLinux 4 : thunderbird-78.7.0-1.0.1.AXS4 (AXSA:2021-1432:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1432:01 advisory. Mozilla: Cross-origin information leakage via redirected PDF requests CVE-2021-23953 Mozilla: Type confusion when using logical assignment operators...

MiracleLinux 9 : thunderbird-115.7.0-1.el9_3.ML.1 (AXSA:2024-7503:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7503:05 advisory. Mozilla: Out of bounds write in ANGLE CVE-2024-0741 Mozilla: Failure to update user input timestamp CVE-2024-0742 Mozilla: Crash when listing printe...

MiracleLinux 8 : curl-7.61.1-33.el8_9.5 (AXSA:2024-7656:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7656:02 advisory. curl: information disclosure by exploiting a mixed case flaw CVE-2023-46218 curl: more POST-after-PUT confusion CVE-2023-28322 curl: cookie injectio...