CentOS 7 : kpatch-patch (RHSA-2021:0862)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0862 advisory. - In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by...

CentOS 6 : chromium-browser (RHSA-2020:2064)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2064 advisory. - Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

CentOS 7 : kernel-alt (RHSA-2021:0354)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0354 advisory. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by...

Fedora 40 : perl-App-cpanminus (2024-aaa468ae4f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-aaa468ae4f advisory. Patch the code to use https instead of http CVE-2024-45321 Tenable has extracted the preceding description block directly from the Fedora security advisory...

CentOS 7 : php-pear (RHSA-2022:7340)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:7340 advisory. - ArchiveTar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. CVE-2020-28948 - ArchiveTar through...

CentOS 7 : thunderbird (RHSA-2022:9079)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...

CentOS 7 : firefox (RHSA-2021:1363)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1363 advisory. - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as wel...

CentOS 7 : libwebp (RHSA-2021:2260)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2260 advisory. - A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16. CVE-2018-25011 - A flaw was found in libwebp in versions befor...

CentOS 7 : firefox (RHSA-2021:0290)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0290 advisory. - When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted t...

Mozilla Firefox ESR < 128.3.1

The version of Firefox ESR installed on the remote Windows host is prior to 128.3.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation...

CentOS 7 : kernel (RHSA-2020:4276)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4276 advisory. - Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. CVE-2020-1235...

EulerOS 2.0 SP11 : openjpeg2 (EulerOS-SA-2024-2587)

According to the versions of the openjpeg2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an...

CentOS 7 : kpatch-patch (RHSA-2021:2285)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2285 advisory. - An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to...

CentOS 6 : chromium-browser (RHSA-2020:1350)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1350 advisory. - Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...

Mitsubishi Electric MELSEC iQ-F FX5-OPC Denial of Service (CVE-2024-0727)

A Denial-of-Service DoS vulnerability due to NULL Pointer Dereference when processing PKCS12 format certificate exists in OpenSSL installed on MELSEC iQ-F OPC UA Unit. Because OpenSSL does not correctly check if a certain field in the PKCS12 format certificate is NULL, a NULL pointer dereference...

CentOS 7 : kpatch-patch (RHSA-2022:1185)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1185 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2024-2570)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to...

CentOS 7 : grub2 (RHSA-2022:8900)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8900 advisory. - Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen...

CentOS 7 : firefox (RHSA-2020:1338)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1338 advisory. - Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after- free. We are aware of targeted attacks in t...

Ubuntu 22.04 LTS / 24.04 LTS : OATH Toolkit vulnerability (USN-7059-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7059-1 advisory. Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned...