MiracleLinux 9 : vim-8.2.2637-16.el9.3 (AXSA:2022-4032:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4032:06 advisory. vim: Out-of-bounds Write CVE-2022-1785 vim: out-of-bounds write in vimregsubboth in regexp.c CVE-2022-1897 vim: buffer over-read in utfptr2char in...

MiracleLinux 9 : python3.12-3.12.5-2.el9 (AXSA:2024-9268:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9268:11 advisory. python: The zipfile module is vulnerable to zip-bombs leading to denial of service CVE-2024-0450 python: incorrect IPv4 and IPv6 private ranges...

MiracleLinux 8 : python-pillow-5.1.1-20.el8 (AXSA:2024-8290:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8290:04 advisory. python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument CVE-2023-44271 Tenable has extract...

MiracleLinux 8 : grub2-2.02-162.el8_10.ML.1 (AXSA:2025-9832:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9832:02 advisory. grub2: net: Out-of-bounds write in grubnetsearchconfigfile CVE-2025-0624 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : libexif-0.6.22-4.el8 (AXSA:2021-1093:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1093:01 advisory. libexif: out of bounds write in exif-data.c CVE-2019-9278 libexif: out of bounds read due to a missing bounds check in exifdatasavedataentry functio...

MiracleLinux 9 : kernel-5.14.0-284.30.1.el9_2 (AXSA:2023-6421:25)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6421:25 advisory. kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel: netfilter:...

MiracleLinux 8 : mingw-expat-2.4.8-1.el8 (AXSA:2022-4252:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4252:02 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...

MiracleLinux 8 : tigervnc-1.12.0-9.el8.1 (AXSA:2023-5027:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5027:05 advisory. xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation CVE-2023-0494 Tenable has extracted the preceding description block...

MiracleLinux 9 : zlib-1.2.11-31.el9.1 (AXSA:2022-3946:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3946:07 advisory. zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 Tenable has extracted the preceding description block directly fr...

MiracleLinux 8 : cockpit-composer-41-1.el8, osbuild-composer-62-1.el8.ML.1, osbuild-65-1.el8.ML.2, weldr-client-35.5-4.el8 (AXSA:2023-4757:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4757:01 advisory. golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service CVE-2022-32189...

MiracleLinux 8 : libxml2-2.9.7-9.el8 (AXSA:2021-1786:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1786:01 advisory. libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c CVE-2020-24977 Tenable has extracted the preceding description block direct...

MiracleLinux 9 : python3.9-3.9.14-1.el9 (AXSA:2022-4524:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4524:02 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 python: open redirection vulnerability in lib/http/server.p...

MiracleLinux 9 : nodejs-16.20.2-3.el9 (AXSA:2023-6507:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6507:05 advisory. nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 A Cybertrust Japan Co., Ltd. Security...

MiracleLinux 9 : thunderbird-115.10.0-2.el9_3.ML.1 (AXSA:2024-7727:11)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7727:11 advisory. Mozilla: Denial of Service using HTTP/2 CONTINUATION frames CVE-2024-3302 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : postgresql-jdbc-42.2.27-1.el9 (AXSA:2023-5766:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5766:02 advisory. postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions CVE-2022-41946 Tenable has extracted the preceding...

MiracleLinux 8 : kernel-4.18.0-553.el8_10 (AXSA:2024-8398:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8398:15 advisory. Update the version to 4.18.0-553.el810 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : idm:client (AXSA:2024-8409:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8409:01 advisory. JWCrypto: denail of service Via specifically crafted JWE CVE-2023-6681 python-jwcrypto: malicious JWE token can cause denial of service CVE-2024-281...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.7.el7.AXS7 (AXSA:2024-9064:40)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9064:40 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: - net: bridge: xmit: make sure we have at leas...

MiracleLinux 9 : postgresql-13.10-1.el9 (AXSA:2023-5280:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5280:02 advisory. postgresql: Extension scripts replace objects not belonging to the extension. CVE-2022-2625 postgresql: Client memory disclosure when connecting wit...

MiracleLinux 8 : libsoup-2.62.3-6.el8_10 (AXSA:2024-9014:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9014:02 advisory. libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header...