MiracleLinux 9 : dotnet7.0-7.0.117-1.el9_3.ML.1 (AXSA:2024-7616:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7616:07 advisory. dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support CVE-2024-21392 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 4 : firefox-52.7.3-1.0.1.AXS4 (AXSA:2018-2955:04)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2955:04 advisory. firefox: Use-after-free in compositor potentially allows code execution CVE-2018-5148 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : rh-postgresql12-postgresql-12.5-1.el7 (AXSA:2020-964:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-964:02 advisory. postgresql: Reconnection can downgrade connection security settings CVE-2020-25694 postgresql: Multiple features escape security restricted operation...

MiracleLinux 4 : firefox-68.7.0-2.0.1.AXS4 (AXSA:2020-4717:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4717:09 advisory. Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method CVE-2020-6821 Mozilla: Memory safety bugs fixed in Firefox 7...

MiracleLinux 7 : evince-3.28.2-10.el7, poppler-0.26.5-43.el7 (AXSA:2020-698:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-698:01 advisory. poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc CVE-2019-14494 Tenable has extracted the preceding description...

MiracleLinux 8 : dotnet5.0-5.0.206-1.el8.ML.1 (AXSA:2021-2360:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2360:10 advisory. dotnet: ASP.NET Core WebSocket frame processing DoS CVE-2021-26423 dotnet: Dump file created world-readable CVE-2021-34485 dotnet: ASP.NET Core JWT...

MiracleLinux 9 : libndp-1.8-6.el9_4.ML.1 (AXSA:2024-8585:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8585:02 advisory. libndp: buffer overflow in route information length field CVE-2024-5564 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : flatpak-1.12.9-1.el8_10 (AXSA:2024-8476:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8476:06 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : postgresql:10 (AXSA:2024-7566:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7566:01 advisory. postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL CVE-2024-0985 Tenable has extracted the preceding description block...

MiracleLinux 8 : dotnet3.1-3.1.115-1.el8.ML.1 (AXSA:2021-2226:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2226:06 advisory. dotnet: .NET Core single-file application privilege escalation CVE-2021-31204 In order for the update to be complete, self-contained applications deployed...

MiracleLinux 7 : perl-5.16.3-299.el7 (AXSA:2021-1425:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1425:04 advisory. perl: heap-based buffer overflow in regular expression compiler leads to DoS CVE-2020-10543 perl: corruption of intermediate language state of...

MiracleLinux 8 : thunderbird-102.3.0-4.el8.ML.1 (AXSA:2022-3907:14)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3907:14 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : rpm-4.14.3-28.el8_9 (AXSA:2024-7498:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7498:02 advisory. rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls during installation CVE-2021-35938 rpm:...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.272.b10-1.el8 (AXSA:2020-816:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-816:16 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

MiracleLinux 8 : php:8.0 (AXSA:2022-4405:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4405:01 advisory. php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...

MiracleLinux 9 : gstreamer1-plugins-base-1.22.1-3.el9_5 (AXSA:2024-9482:05)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9482:05 advisory. gstreamer1-plugins-base: GStreamer has a stack-buffer overflow in vorbishandleidentificationpacket CVE-2024-47538 gstreamer1-plugins-base:...

MiracleLinux 9 : grafana-9.2.10-8.el9_3.ML.1 (AXSA:2024-7653:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7653:01 advisory. grafana: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 CVE-2024-1394 A memory leak flaw was found in Golang ...

MiracleLinux 9 : zziplib-0.13.71-11.el9 (AXSA:2024-7802:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7802:01 advisory. zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 Tenable has extracted the preceding description block directly from t...

MiracleLinux 8 : ruby:2.7 (AXSA:2021-2391:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2391:01 advisory. ruby: Potential HTTP request smuggling in WEBrick CVE-2020-25613 ruby: XML round-trip vulnerability in REXML CVE-2021-28965 Tenable has extracted th...

MiracleLinux 9 : grafana-pcp-5.1.1-9.el9 (AXSA:2024-9330:08)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9330:08 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...