2897 matches found
RHEL 6 : chromium-browser (RHSA-2019:0396)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:0396 advisory. Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 72.0.3626.96. Security Fixes:...
Security update for kauth (moderate)
openSUSE Security Update: Security update for kauth Announcement ID: openSUSE-SU-2019:0247-1 Rating: moderate References: 1124863 Cross-References: CVE-2019-7443 Affected Products: openSUSE Backports SLE-15 An update that fixes one vulnerability is now available. Description: This update for kaut...
Moderate severity vulnerability that affects Bootstrap.Less, bootstrap, and bootstrap.sass
In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, see: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/...
Moderate severity vulnerability that affects bootstrap and bootstrap-sass
In Bootstrap 4 before 4.3.1 and Bootstrap 3 before 3.4.1, XSS is possible in the tooltip or popover data-template attribute. For more information, see: https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/...
FreeBSD : OpenSSL -- Padding oracle vulnerability (7700061f-34f7-11e9-b95c-b499baebfeaf)
The OpenSSL project reports: 0-byte record padding oracle (CVE-2019-1559) [Moderate]. If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte...
RHEL 7 : rhvm-appliance (RHSA-2019:0361)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0361 advisory. The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is availab...
RHEL 7 : kernel (RHSA-2019:0324)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0324 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userfaultfd bypasses tmpfs file...
GHSA-32F7-CMR3-VPJV Moderate severity vulnerability that affects aioxmpp
Withdrawn: Duplicate of GHSA-6m9g-jr8c-cqw3...
Oracle Linux 7 : bind (ELSA-2019-0194)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0194 advisory. 32:9.9.4-73 - Fixes debug level comments 1647539 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...
RHEL 7 : kernel (RHSA-2019:0202)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0202 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: userfaultfd bypasses tmpfs file...
RHEL 7 : kernel-alt (RHSA-2019:0162)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0162 advisory. The kernel-alt packages provide the Linux kernel version 4.x. Security Fixes: kernel: Heap-based buffer overflow in fs/ext4/xattr.c:ext4_xattr_set_entry...
Fedora 28 : gnupg2 (2019-e70c729d8a)
Minor update to upstream version 2.2.12 fixing moderate security issue and other bugs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Privilege Escalation
kernel is vulnerable to privilege escalation attacks. An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate becau...
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service...
GHSA-42FP-4HM3-J8R7 Moderate severity vulnerability that affects moin
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any...
RHEL 6 : java-1.8.0-ibm (RHSA-2018:3852)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3852 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...
RHEL 7 : kernel (RHSA-2018:3843)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3843 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NULL pointer dereference in...
CentOS 7 : libvirt (CESA-2018:3113)
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...