AlmaLinux 9 : unbound:1.16.2 (ALSA-2024:11232)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11232 advisory. unbound: Unbounded name compression could lead to Denial of Service CVE-2024-8508 Tenable has extracted the preceding description block directly from the AlmaLinu...

AlmaLinux 8 : python3.11 (ALSA-2024:10979)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:10979 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : libsndfile (ALSA-2024:11192)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:11192 advisory. libsndfile: Segmentation fault error in oggvorbis.c:417 vorbisanalysiswrote CVE-2024-50612 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : kernel (ALSA-2024:9605)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:9605 advisory. kernel: net: nexthop: Initialize all fields in dumped nexthops CVE-2024-42283 kernel: iommufd: Require drivers to supply the cacheinvalidateuser ops...

AlmaLinux 9 : libtiff (ALSA-2024:8914)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8914 advisory. libtiff: NULL pointer dereference in tifdirinfo.c CVE-2024-7006 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 8 : python3.11-urllib3 (ALSA-2024:8843)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8843 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description block...

AlmaLinux 8 : krb5 (ALSA-2024:8860)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8860 advisory. freeradius: forgery attack CVE-2024-3596 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessus has...

AlmaLinux 9 : openexr (ALSA-2024:8800)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8800 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : firefox (ALSA-2024:8729)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:8729 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...

AlmaLinux 9 : java-21-openjdk (ALSA-2024:8127)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8127 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...

AlmaLinux 9 : java-11-openjdk (ALSA-2024:8121)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8121 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...

AlmaLinux 9 : java-17-openjdk (ALSA-2024:8124)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8124 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...

AlmaLinux 9 : skopeo (ALSA-2024:8111)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8111 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156 Tenable...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8038)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8038 advisory. golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 go/parser: golang: Calling...

AlmaLinux 8 : firefox (ALSA-2024:7977)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7977 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : thunderbird (ALSA-2024:8024)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8024 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : OpenIPMI (ALSA-2024:8037)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8037 advisory. openipmi: missing check on the authorization type on incoming LAN messages in IPMI simulator CVE-2024-42934 Tenable has extracted the preceding description block...

AlmaLinux 9 : firefox (ALSA-2024:7958)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:7958 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 9 : podman (ALSA-2024:8039)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8039 advisory. go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion CVE-2024-34155 encoding/gob:...

AlmaLinux 9 : .NET 6.0 (ALSA-2024:7867)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:7867 advisory. dotnet: System.IO.Packaging - Multiple DoS vectors in use of SortedList CVE-2024-43484 dotnet: Denial of Service in System.Text.Json CVE-2024-43485 dotnet...