MiracleLinux 7 : php-5.4.16-48.0.5.el7.AXS7 (AXSA:2025-9709:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9709:01 advisory. CVE-2024-8929: fix various heap buffer over-reads CVEs: CVE-2024-8929 In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, a hostile...

MiracleLinux 4 : thunderbird-78.9.1-1.0.1.AXS4 (AXSA:2021-1692:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1692:07 advisory. Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key CVE-2021-23991 Mozilla: A crafted OpenPGP key wit...

MiracleLinux 8 : thunderbird-91.11.0-2.el8.ML.1 (AXSA:2022-3748:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3748:10 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...

MiracleLinux 8 : gstreamer1-plugins-good-1.16.1-3.el8 (AXSA:2022-4391:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4391:01 advisory. gstreamer-plugins-good: Use-after-free in matroska demuxing CVE-2021-3497 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : ruby-3.0.7-163.el9_5 (AXSA:2024-9441:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9441:04 advisory. rexml: REXML ReDoS vulnerability CVE-2024-49761 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : postgresql:9.6 (AXSA:2021-1513:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1513:01 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operatio...

MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-5.el7, rh-nodejs12-nodejs-12.22.5-1.el7 (AXSA:2021-2386:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2386:03 advisory. nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling CVE-2021-22940...

MiracleLinux 9 : libvpx-1.9.0-7.el9.ML.1 (AXSA:2023-6488:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6488:01 advisory. libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvpx CVE-2023-44488 Tenable has...

MiracleLinux 8 : jasper-2.0.14-5.el8 (AXSA:2021-2685:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2685:01 advisory. jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272...

MiracleLinux 8 : gstreamer1-plugins-base-1.16.1-3.el8 (AXSA:2024-8315:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8315:02 advisory. gstreamer-plugins-base: heap overwrite in subtitle parsing CVE-2023-37328 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : libarchive-3.5.3-2.el9 (AXSA:2022-3983:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3983:02 advisory. libarchive: an out-of-bounds read via the component zipxlzmaaloneinit CVE-2022-26280 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : pki-core:10.6 (AXSA:2022-4440:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4440:01 advisory. pki-core: access to external entities when parsing XML can lead to XXE CVE-2022-2414 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : sane-backends-1.0.27-22.el8 (AXSA:2021-2046:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2046:01 advisory. sane-backends: NULL pointer dereference in saneiepsonnetread function CVE-2020-12867 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : thunderbird-102.7.1-2.el9.ML.1 (AXSA:2023-5074:09)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5074:09 advisory. Mozilla: Revocation status of S/Mime signature certificates was not checked CVE-2023-0430 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : firefox-102.10.0-1.el8.ML.1 (AXSA:2023-5298:15)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5298:15 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory Corruption...

MiracleLinux 9 : cockpit-composer-45-1.el9, osbuild-composer-76-2.el9.ML.1, osbuild-81-1.el9.ML.1, weldr-client-35.9-1.el9 (AXSA:2023-5900:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5900:03 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

MiracleLinux 8 : krb5-1.18.2-29.el8_10 (AXSA:2024-8657:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8657:03 advisory. krb5: GSS message token handling CVE-2024-37371 krb5: GSS message token handling CVE-2024-37370 Tenable has extracted the preceding description bloc...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.382.b05-2.el8 (AXSA:2023-6261:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6261:16 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

MiracleLinux 9 : firefox-115.10.0-1.el9_3.ML.1 (AXSA:2024-7710:16)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7710:16 advisory. GetBoundName in the JIT returned the wrong object CVE-2024-3852 Out-of-bounds-read after mis-optimized switch statement CVE-2024-3854 Incorrect...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-3705:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3705:01 advisory. QEMU: virtio-net: heap use-after-free in virtionetreceivercu CVE-2021-3748 ntfs-3g: Out-of-bounds heap buffer access in ntfsgetattributevalue due to...