MiracleLinux 8 : firefox-102.15.1-1.el8.ML.1 (AXSA:2023-6441:35)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-6441:35 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : rsyslog-8.2102.0-7.el8.1 (AXSA:2022-3666:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3666:04 advisory. rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 9 : zziplib-0.13.71-11.el9 (AXSA:2024-7802:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7802:01 advisory. zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 Tenable has extracted the preceding description block directly from t...

MiracleLinux 9 : curl-7.76.1-19.el9.1 (AXSA:2023-5060:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5060:03 advisory. curl: POST following PUT confusion CVE-2022-32221 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Not...

MiracleLinux 4 : bind-9.8.2-0.68.8.0.4.rc1.AXS4 (AXSA:2021-1735:07)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1735:07 advisory. Security Fix - BIND named named CVE-2021-25215 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 8 : flatpak-1.8.7-1.el8 (AXSA:2022-3593:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3593:03 advisory. flatpak: Permissions granted to applications can be hidden from the user at install time CVE-2021-43860 Tenable has extracted the preceding description block...

MiracleLinux 8 : libmspack-0.7-0.3.alpha.el8.4 (AXSA:2020-287:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-287:01 advisory. libmspack: buffer overflow in function chmdreadheaders CVE-2019-1010305 Tenable has extracted the preceding description block directly from the MiracleLinux...

Debian: Security Advisory (DLA-4441-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-a4a01fb680)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2026-b38fe572ef)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 7 : firefox-78.4.1-1.0.1.el7.AXS7 (AXSA:2020-940:25)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-940:25 advisory. Mozilla: Write side effects in MCallGetProperty opcode not accounted for CVE-2020-26950 Tenable has extracted the preceding description block directly from th...

Oracle Linux 9 : gpsd-minimal (ELSA-2026-0771)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0771 advisory. 1:3.26.1-1.0.1.el97.1 - Replaced upstream reference Orabug: 35865525 Tenable has extracted the preceding description block directly from the Oracle Lin...

MiracleLinux 7 : skopeo-0.1.40-11.0.1.el7.AXS7 (AXSA:2020-198:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-198:02 advisory. containers/image: Container images read entire image manifest into memory CVE-2020-1702 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : libssh-0.9.6-3.el8 (AXSA:2022-3399:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3399:01 advisory. libssh: possible heap-based buffer overflow when rekeying CVE-2021-3634 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : ppp-2.4.5-11.AXS4 (AXSA:2020-4482:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4482:02 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from t...

Fedora 42 : libtpms (2026-14ecf2c0cd)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-14ecf2c0cd advisory. Upgrade to libtpms 0.10.2 fixing CVE-2026-21444 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass

Summary A prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and therefore can be bypassed when the extension uses alternate casing for...

SUSE: Security Advisory (SUSE-SU-2026:0121-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.503.AXS4.5 (AXSA:2018-2620:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2620:02 advisory. Qemu: cirrus: OOB access issue in mode4and5 write functions CVE-2017-15289 Tenable has extracted the preceding description block directly from the MiracleLin...

MiracleLinux 7 : systemd-219-62.el7.5 (AXSA:2019-3771:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3771:02 advisory. Security Fix - systemd PID1 PID1 systemd CVE-2019-6454 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the...