MiracleLinux 8 : xorg-x11-server-1.20.11-15.el8 (AXSA:2023-5917:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5917:04 advisory. xorg-x11-server: buffer overflow in GetCountedString in xkb/xkb.c CVE-2022-3550 xorg-x11-server: XkbGetKbdByName use-after-free CVE-2022-4283...

MiracleLinux 8 : keepalived-2.1.5-8.el8.ML.1 (AXSA:2022-3396:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3396:02 advisory. keepalived: dbus access control bypass CVE-2021-44225 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : procps-ng-3.3.15-14.el8 (AXSA:2023-7098:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7098:04 advisory. procps: ps buffer overflow CVE-2023-4016 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : protobuf-3.14.0-13.el9 (AXSA:2022-4552:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4552:03 advisory. protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference CVE-2021-22570 Tenable has extracted the preceding description block...

MiracleLinux 8 : gnome-shell-3.32.2-44.el8.ML.1 (AXSA:2022-3635:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3635:03 advisory. gnome-shell: Password from logged-out user may be shown on login screen CVE-2020-17489 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : mysql-8.0.32-1.el9.ML.1 (AXSA:2023-6090:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6090:01 advisory. mysql: Server: Security: Privileges unspecified vulnerability CPU Apr 2023 CVE-2023-21912 mysql: Server: Optimizer unspecified vulnerability CPU Oct...

MiracleLinux 9 : dotnet7.0-7.0.114-1.el9_3.ML.1 (AXSA:2023-7071:33)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7071:33 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 8 : osbuild-composer-101-2.el8_10.ML.1 (AXSA:2024-8868:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8868:03 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 encoding/gob: golang: Calling Decoder.Decode on a...

MiracleLinux 7 : xerces-c-3.1.1-9.el7 (AXSA:2019-3675:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3675:01 advisory. xerces-c: Stack overflow when parsing deeply nested DTD CVE-2016-4463 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : libwebp-0.3.0-11.el7 (AXSA:2023-5320:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5320:01 advisory. Mozilla: libwebp: Double-free in libwebp CVE-2023-1999 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 9 : buildah-1.31.4-1.el9_3 (AXSA:2024-7581:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7581:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 9 : containernetworking-plugins-1.2.0-1.el9 (AXSA:2023-5584:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5584:01 advisory. golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests CVE-2022-41717 golang: crypto/tls: session...

MiracleLinux 8 : python39:3.9 (AXSA:2022-4572:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4572:01 advisory. python: local privilege escalation via the multiprocessing forkserver start method CVE-2022-42919 Tenable has extracted the preceding description block...

MiracleLinux 4 : ImageMagick-6.7.2.7-6.0.1.AXS4 (AXSA:2021-1353:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1353:02 advisory. ImageMagick: Shell injection via PDF password could result in arbitrary code execution CVE-2020-29599 CVEs: CVE-2020-29599 Tenable has extracted the precedin...

MiracleLinux 8 : python-pip-9.0.3-16.el8 (AXSA:2020-285:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-285:03 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python-urllib3: CRLF injection...

MiracleLinux 8 : mailman:2.1 (AXSA:2022-2976:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2976:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token derived from admin password allows...

MiracleLinux 9 : libsndfile-1.0.31-8.el9_5.2 (AXSA:2024-9490:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9490:04 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly fro...

MiracleLinux 7 : ImageMagick-6.9.10.68-5.el7 (AXSA:2021-1086:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1086:01 advisory. ImageMagick: Shell injection via PDF password could result in arbitrary code execution CVE-2020-29599 Tenable has extracted the preceding description block...

MiracleLinux 8 : less-530-3.el8_10 (AXSA:2024-8510:05)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8510:05 advisory. less: OS command injection CVE-2024-32487 less: missing quoting of shell metacharacters in LESSCLOSE handling CVE-2022-48624 Tenable has extracted t...

MiracleLinux 8 : libsndfile-1.0.28-16.el8_10 (AXSA:2024-9429:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9429:03 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly fro...