MiracleLinux 7 : xstream-1.3.1-12.el7 (AXSA:2021-1252:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1252:01 advisory. XStream: remote code execution due to insecure XML deserialization when relying on blocklists CVE-2020-26217 Tenable has extracted the preceding description...

MiracleLinux 7 : linux-firmware-20200421-81.git78c0348.el7 (AXSA:2023-6589:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6589:09 advisory. hw amd: Return Address Predictor vulnerability leading to information disclosure CVE-2023-20569 hw: amd: Cross-Process Information Leak CVE-2023-205...

MiracleLinux 7 : python-pillow-2.0.0-21.gitd1c6db8.el7 (AXSA:2020-560:04)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-560:04 advisory. python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images CVE-2020-5313 Tenable has extracted the preceding description block directly fro...

MiracleLinux 9 : unbound-1.16.2-3.el9 (AXSA:2023-5451:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5451:02 advisory. unbound: NRDelegation attack leads to uncontrolled resource consumption Non-Responsive Delegation Attack CVE-2022-3204 Tenable has extracted the preceding...

MiracleLinux 7 : firefox-78.8.0-1.0.1.el7.AXS7 (AXSA:2021-1561:05)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1561:05 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

MiracleLinux 7 : java-11-openjdk-11.0.20.0.8-1.el7 (AXSA:2023-6250:13)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6250:13 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

MiracleLinux 8 : python27:2.7 (AXSA:2024-7348:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7348:01 advisory. python-requests: Unintended leak of Proxy-Authorization header CVE-2023-32681 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : harfbuzz-1.7.5-2.0.1.el7.AXS7 (AXSA:2024-8760:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8760:03 advisory. CVE-2023-25193: optimize looking back for base glyphs in hb-ot-layout-gsubgpos-private.hh CVEs: CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through...

MiracleLinux 7 : gstreamer-plugins-bad-free-0.10.23-24.el7 (AXSA:2024-7443:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7443:01 advisory. gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : pcs-0.10.18-2.el8_10.3.ML.1 (AXSA:2024-9389:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9389:07 advisory. sinatra: Open Redirect Vulnerability in Sinatra via X-Forwarded-Host Header CVE-2024-21510 Tenable has extracted the preceding description block directly fro...

MiracleLinux 7 : polkit-0.112-26.el7 (AXSA:2020-4540:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4540:01 advisory. polkit: Improper authorization in polkitbackendinteractiveauthoritycheckauthorization function in polkitd CVE-2018-1116 Tenable has extracted the preceding...

MiracleLinux 8 : thunderbird-102.15.1-1.el8.ML.1 (AXSA:2023-6445:26)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6445:26 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : thunderbird-128.3.1-1.el8_10.ML.1 (AXSA:2024-8910:25)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8910:25 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : ruby:3.3 (AXSA:2024-8857:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8857:01 advisory. rexml: DoS vulnerability in REXML CVE-2024-39908 rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace...

MiracleLinux 8 : gnome-shell-3.32.2-56.el8_10.ML.1 (AXSA:2024-8692:07)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8692:07 advisory. gnome-shell: code execution in portal helper CVE-2024-36472 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : idm:DL1 (AXSA:2024-8493:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8493:01 advisory. CVE-2024-2698 freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-3183 freeipa: user c...

MiracleLinux 9 : nodejs:18 (AXSA:2024-7655:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7655:01 advisory. nodejs: code injection and privilege escalation through Linux capabilities CVE-2024-21892 nodejs: reading unprocessed HTTP request with unbounded...

MiracleLinux 7 : libtiff-4.0.3-35.0.1.el7.AXS7 (AXSA:2024-8709:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8709:04 advisory. CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow CVE-2023-52355: added functionali...

MiracleLinux 9 : dotnet6.0-6.0.132-1.el9_4.ML.1 (AXSA:2024-8563:13)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8563:13 advisory. dotnet: DoS when parsing X.509 Content and ObjectIdentifiers CVE-2024-38095 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : microcode_ctl-1.17-33.32.0.3.AXS4 (AXSA:2021-1922:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1922:07 advisory. hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observab...