CentOS 6 : kernel (RHSA-2020:3548)
The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3548 advisory. - The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service NULL pointer dereference and...
EulerOS 2.0 SP11 : gtk2 (EulerOS-SA-2024-2555)
According to the versions of the gtk2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current...
RHEL 8 : .NET 8.0 (RHSA-2024:7868)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7868 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
Mozilla Firefox < 131.0.2
The version of Firefox installed on the remote Windows host is prior to 131.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-51 advisory. - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. ...
CentOS 7 : kpatch-patch (RHSA-2021:3381)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3381 advisory. - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or...
CentOS 7 : buildah (RHSA-2020:1231)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1231 advisory. - The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This...
Fedora 39 : perl-App-cpanminus (2024-78e43b4de6)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-78e43b4de6 advisory. Patch the code to use https instead of http (CVE-2024-45321). Tenable has extracted the preceding description block directly from the Fedora security advisory...
CentOS 7 : podman (RHSA-2022:2190)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:2190 advisory. - A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded...
CentOS 7 : firefox (RHSA-2022:6997)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:6997 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674) Note that Nessus has not tested for this issue but has...
CBL Mariner 2.0 Security Update: oath-toolkit (CVE-2024-47191)
The version of oath-toolkit installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47191 advisory. - pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because...
RHEL 8 : openssl (RHSA-2024:7846)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:7846 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength...
CentOS 7 : skopeo (RHSA-2020:2681)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2681 advisory. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using...
CentOS 7 : qemu-kvm (RHSA-2020:1208)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1208 advisory. - In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. (CVE-2020-8608) Note that Nessus...
EulerOS 2.0 SP11 : python-lxml (EulerOS-SA-2024-2565)
According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive...
CentOS 7 : kpatch-patch (RHSA-2021:4798)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4798 advisory. - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in so...
CentOS 7 : kpatch-patch (RHSA-2021:3441)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3441 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...
Juniper Junos OS Vulnerability (JSA88131)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88131 advisory. - A NULL Pointer Dereference vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and EX9200 with EX9200-15C...
CentOS 6 : chromium-browser (RHSA-2020:0779)
The remote CentOS Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0779 advisory. - Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML pag...
CentOS 7 : etcd (RHSA-2021:1407)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1407 advisory. - In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a...
CentOS 7 : kpatch-patch (RHSA-2021:2285)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2285 advisory. - An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to...