CBL Mariner 2.0 Security Update: nodejs / nodejs18 / reaper (CVE-2023-42282)

The version of nodejs / nodejs18 / reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-42282 advisory. - The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses such ...

CBL Mariner 2.0 Security Update: grub2 (CVE-2023-4693)

The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4693 advisory. - An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue May allow a physically...

CBL Mariner 2.0 Security Update: less (CVE-2024-32487)

The version of less installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32487 advisory. - less through 653 allows OS command execution via a newline character in the name of a file, because quoting is...

CBL Mariner 2.0 Security Update: xinetd (CVE-2013-4342)

The version of xinetd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2013-4342 advisory. - xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these...

CBL Mariner 2.0 Security Update: golang / ig / moby-engine / skopeo (CVE-2022-2879)

The version of golang / ig / moby-engine / skopeo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2879 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A malicious...

CBL Mariner 2.0 Security Update: libdb (CVE-2017-3613)

The version of libdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-3613 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Pri...

CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-32619)

The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32619 advisory. - HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Tcopyreopen in H5T.c, resulting in the...

CBL Mariner 2.0 Security Update: c-ares / nodejs / python-gevent / grpc (CVE-2022-4904)

The version of c-ares / nodejs / python-gevent / grpc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4904 advisory. - A flaw was found in the c-ares package. The aressetsortlist is missing checks...

AlmaLinux 8 : cups (ALSA-2024:4265)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4265 advisory. cups: Cupsd Listen arbitrary chmod 0140777 CVE-2024-35235 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

CBL Mariner 2.0 Security Update: kernel (CVE-2013-2094)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2013-2094 advisory. - The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integ...

CBL Mariner 2.0 Security Update: emacs (CVE-2024-30205)

The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30205 advisory. - In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before...

CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-32609)

The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32609 advisory. - HDF5 Library through 1.14.3 allows stack consumption in the function H5Eprintfstack in H5Eint.c. CVE-2024-3260...

Slackware Linux 15.0 / current httpd Vulnerability (SSA:2024-185-02)

The version of httpd installed on the remote host is prior to 2.4.61. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-185-02 advisory. New httpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

CBL Mariner 2.0 Security Update: reaper (CVE-2024-29041)

The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29041 advisory. - Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alp...

CBL Mariner 2.0 Security Update: rust / tensorflow / curl / mysql (CVE-2023-28319)

The version of rust / tensorflow / curl / mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28319 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a...

CBL Mariner 2.0 Security Update: nodejs / nodejs18 (CVE-2024-21892)

The version of nodejs / nodejs18 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21892 advisory. - On Linux, Node.js ignores certain environment variables if those May have been set by an...

CBL Mariner 2.0 Security Update: openvswitch (CVE-2023-1668)

The version of openvswitch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-1668 advisory. - A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the...

CBL Mariner 2.0 Security Update: blobfuse2 / cert-manager / cf-cli / coredns / cri-tools / etcd (CVE-2023-39325)

The version of blobfuse2 / cert-manager / cf-cli / coredns / cri-tools / etcd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-39325 advisory. - A malicious HTTP/2 client which rapidly creates...

CBL Mariner 2.0 Security Update: guava / javapackages-bootstrap (CVE-2023-2976)

The version of guava / javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2976 advisory. - Use of Java's default temporary directory for file creation in FileBackedOutputStream...

CBL Mariner 2.0 Security Update: grub2 (CVE-2022-3775)

The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3775 advisory. - When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's...