MiracleLinux 8 : libreoffice-6.4.7.2-17.el8_10.ML.1 (AXSA:2024-8544:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8544:05 advisory. libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic CVE-2024-3044 Tenable has extracted the...

MiracleLinux 8 : frr-7.0-10.el8 (AXSA:2021-1317:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1317:01 advisory. frr: default permission issue eases information leaks CVE-2020-12831 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : qt5-5.15.9-1.el9 (AXSA:2023-6891:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6891:08 advisory. qt: buffer over-read via a crafted reply from a DNS server CVE-2023-33285 qt: allows remote attacker to bypass security restrictions caused by flaw ...

MiracleLinux 8 : sysstat-11.7.3-9.el8 (AXSA:2023-5718:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5718:02 advisory. sysstat: arithmetic overflow in allocatestructures on 32 bit systems CVE-2022-39377 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-2.el7, rh-nodejs12-nodejs-12.22.2-1.el7 (AXSA:2021-2259:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2259:02 advisory. nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl CVE-2021-23362 nodejs-ssri: Regular expression DoS ReDoS...

MiracleLinux 7 : libXpm-3.5.12-2.el7 (AXSA:2023-4845:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4845:02 advisory. libXpm: compression commands depend on $PATH CVE-2022-4883 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : postgresql:16 (AXSA:2024-8742:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8742:01 advisory. postgresql: PostgreSQL pgstatsext and pgstatsextexprs lack authorization checks CVE-2024-4317 postgresql: PostgreSQL relation replacement during...

MiracleLinux 9 : firefox-115.5.0-1.el9_3.ML.1 (AXSA:2023-7215:44)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7215:44 advisory. Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer CVE-2023-6204 Mozilla: Use-after-free in MessagePort::Entangled CVE-2023-6205 Mozilla:...

MiracleLinux 4 : rpm-4.8.0-59.0.2.AXS4 (AXSA:2021-2775:09)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2775:09 advisory. rpm: Signature checks bypass via corrupted rpm package CVE-2021-20271 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : thunderbird-115.8.0-1.el9_3.ML.1 (AXSA:2024-7564:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7564:06 advisory. Mozilla: Out-of-bounds memory read in networking channels CVE-2024-1546 Mozilla: Alert dialog could have been spoofed on another site CVE-2024-1547...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.242.b07-1.AXS4 (AXSA:2020-4437:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4437:02 advisory. OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS Security, 8229951 CVE-2020-2601 OpenJDK: Serialization filter changes via jdk.serialFilter...

MiracleLinux 8 : xmlrpc-c-1.51.0-9.el8_10 (AXSA:2024-8511:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8511:01 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 CVE-2023-52425 libexpat through 2.5.0 allows a denial of service resource...

MiracleLinux 7 : rsync-3.1.2-11.el7 (AXSA:2022-3735:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3735:05 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...

MiracleLinux 8 : edk2-20200602gitca407c7246bf-4.el8.1 (AXSA:2021-2183:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2183:03 advisory. edk2: possible heap corruption with LzmaUefiDecompressGetInfo CVE-2021-28211 Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : firefox-78.5.0-1.0.1.AXS4 (AXSA:2020-966:26)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-966:26 advisory. Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code CVE-2020-26951 Mozilla: Memory safety bugs fixed i...

MiracleLinux 9 : thunderbird-91.11.0-2.el9.ML.1 (AXSA:2022-4028:19)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4028:19 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...

MiracleLinux 8 : bind9.16-9.16.23-0.7.el8.1 (AXSA:2022-3875:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3875:02 advisory. bind: BIND 9 resolvers configured to answer from cache with zero stale-answer-timeout may terminate unexpectedly CVE-2022-3080 bind: memory leak in...

MiracleLinux 8 : exiv2-0.27.3-2.el8 (AXSA:2021-1970:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1970:01 advisory. exiv2: out-of-bounds read in CiffDirectory::readDirectory due to lack of size check CVE-2019-17402 Tenable has extracted the preceding description block...

MiracleLinux 8 : dbus-1.12.8-10.el8 (AXSA:2020-545:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-545:02 advisory. dbus: denial of service via file descriptor leak CVE-2020-12049 CVE-2020-12049: An issue was discovered in dbus = 1.3.0 before 1.12.18. The DBusServer in...

MiracleLinux 9 : dnsmasq-2.85-14.el9_3.1 (AXSA:2024-7618:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7618:01 advisory. dnsmasq: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 dnsmasq: bind9: Preparing an NSEC3 closest encloser proof can...