Amazon Linux 2023 : aspnetcore-runtime-8.0, aspnetcore-runtime-dbg-8.0, aspnetcore-targeting-pack-8.0 (ALAS2023-2026-1804)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1804 advisory. Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally. CVE-2026-32177 Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an...

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1696)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1696 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1651)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1651 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...

RockyLinux 8 : python27:2.7 (RLSA-2023:5994)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5994 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that Nessus...

@restura/core (>=0.1.0-alpha.12 <=2.0.1), @restura/logger (=1.0.1) +42 more potentially affected by CVE-2023-26132 +1 more via dottie (>=2.0.4 <=2.0.6)

dottie NPM version =2.0.4, =0.1.0-alpha.12, =1.3.53, =1.0.25, =1.0.25, =1.0.25, =1.0.25, =1.0.25, =1.0.21, =1.0.25, =1.0.25, =1.0.25, =1.3.44, =1.3.53, =1.3.35, =1.6.11-alpha.1 and more Source cves: CVE-2023-26132, CVE-2026-27837 Source advisory: SNYK:JS-DOTTIE-15360180...

Amazon Linux 2023 : golist (ALAS2023-2026-1382)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1382 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

MiracleLinux 8 : dhcp-4.3.6-49.el8 (AXSA:2023-5859:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5859:04 advisory. dhcp: option refcount overflow when leasequery is enabled leading to dhcpd abort CVE-2022-2928 dhcp: DHCP memory leak CVE-2022-2929 Tenable has...

MiracleLinux 8 : firefox-102.8.0-2.el8.ML.1 (AXSA:2023-5141:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5141:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 9 : krb5-1.19.1-24.el9 (AXSA:2023-4928:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4928:02 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : tomcat-9.0.62-5.el8.2 (AXSA:2023-6527:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6527:03 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

MiracleLinux 9 : libwebp-1.2.0-7.el9 (AXSA:2023-6426:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6426:04 advisory. libwebp: Heap buffer overflow in WebP Codec CVE-2023-4863 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : thunderbird-102.8.0-2.el8.ML.1 (AXSA:2023-5135:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5135:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 9 : thunderbird-115.4.1-1.el9.ML.1 (AXSA:2023-6564:30)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6564:30 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

MiracleLinux 8 : python3.11-3.11.5-1.el8 (AXSA:2023-7136:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7136:08 advisory. python: tarfile module directory traversal CVE-2007-4559 python: file path truncation at \0 characters CVE-2023-41105 Tenable has extracted the...

MiracleLinux 8 : thunderbird-102.14.0-1.el8.ML.1 (AXSA:2023-6346:23)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6346:23 advisory. Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation...

MiracleLinux 9 : python3.9-3.9.14-1.el9.2 (AXSA:2023-5191:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5191:01 advisory. Python: CPU denial of service via inefficient IDNA decoder CVE-2022-45061 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 9 : libmicrohttpd-0.9.72-5.el9 (AXSA:2023-6766:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6766:01 advisory. libmicrohttpd: remote DoS CVE-2023-27371 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : device-mapper-multipath-0.8.7-20.el9 (AXSA:2023-5420:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5420:04 advisory. device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 Tenable has extracted the preceding...

MiracleLinux 8 : python27:2.7 (AXSA:2023-6555:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6555:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : pcs-0.11.3-4.el9.2.ML.1 (AXSA:2023-5189:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5189:06 advisory. sinatra: Reflected File Download attack CVE-2022-45442 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...