RHEL 8 : mariadb:10.5 (RHSA-2026:0295)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0295 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump...

Important: Red Hat Security Advisory: postgresql:16 security update

An update for the postgresql:16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 8 : tmux (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tmux: null pointer dereference in windowpanesetevent in window.c CVE-2022-47016 Note that Nessus has not tested for...

RHEL 8 : apache-ivy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - apache-ivy: XML External Entity vulnerability CVE-2022-46751 Note that Nessus has not tested for this issue but has...

RHEL 8 : mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mysql: pid file can be created in a world-writeable directory CPU Apr 2018 CVE-2018-2773 Note that Nessus has not...

RHEL 8 : 8.3_nbdkit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nbdkit: NBDOPTSTRUCTUREDREPLY injection on STARTTLS CVE-2021-3716 Note that Nessus has not tested for this issue bu...

RHEL 8 : curl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - curl: SFTP path resolving discrepancy CVE-2023-27534 Note that Nessus has not tested for this issue but has instead...

RHEL 8 : 5_redis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - redis: integer overflow in the getnum function in luastruct.c could lead to a DoS CVE-2020-14147 Note that Nessus h...

RHEL 8 : jdbc-postgresql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - postgresql: SQL Injection in ResultSet.refreshRow with malicious column names CVE-2022-31197 Note that Nessus has n...

RHEL 8 : gnutls (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - GnuTLS: Null pointer dereference in MDUPDATE CVE-2021-4209 Note that Nessus has not tested for this issue but has...

RHEL 8 : wildmidi (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - wildmidi: Heap-based Buffer Overflow in WildMidiOpen CVE-2017-1000418 Note that Nessus has not tested for this issu...

RHEL 8 : rhel_qemu-kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - QEMU: virtiofsd: guest may open maximum file descriptor to cause DoS CVE-2020-10717 Note that Nessus has not tested...

RHEL 8 : stf_sg-core-rhel8 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: syscall: faccessat checks wrong group CVE-2022-29526 Note that Nessus has not tested for this issue but has...

RHEL 8 : tigervnc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xorg-x11-server: Use-after-free bug in DamageDestroy CVE-2023-5574 Note that Nessus has not tested for this issue b...

RHEL 8 : podman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - podman: Privilege escalation in API component CVE-2019-25067 Note that Nessus has not tested for this issue but has...

RHEL 8 : lodash (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lodash: Prototype pollution in utilities function CVE-2018-3721 Note that Nessus has not tested for this issue but...

PT-2023-8785 · Unknown +3 · Ghostscript +3

Name of the Vulnerable Software and Affected Versions: Ghostscript versions affected versions not specified Description: A flaw was found in ghostscript, related to a buffer overflow issue. This issue affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. Exploitation of this...

RHEL 8 : thunderbird (RHSA-2023:0601)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0601 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.7.1. Security Fixes: Mozilla: Revocati...

RHEL 8 : libgcrypt (RHSA-2022:5311)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5311 advisory. The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fixes: libgcrypt: ElGamal implementation...

Vulnerability fixed in libxml2

A vulnerability has been fixed in libxml2. The vulnerability allows a remote malicious party the ability to cause a denial-of-service cause. The developers of libxml2 have released an update to fix the vulnerability: https://gitlab.gnome.org/GNOME/libxml2/-/commit...