159 matches found
Fedora 38 : freeglut (2024-0356803680)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-0356803680 advisory. Patch for CVE-2024-24258 and CVE-2024-24259 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Splunk Enterprise 9.0.0 < 9.0.8, 9.1.0 < 9.1.3 (SVD-2024-0105)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0105 advisory. - In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for...
GitLab 6.6 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3514)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An...
FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...
Amazon Linux 2023 : perl, perl-Attribute-Handlers, perl-AutoLoader (ALAS2023-2023-448)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-448 advisory. 2024-02-01: CVE-2023-47100 was added to this advisory. A crafted regular expression when compiled by perl 5.30.0 through 5.38.0 can cause a one-byte attacker controlled buffer overflow in a hea...
Ubuntu 20.04 LTS : Firefox regressions (USN-6509-2)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6509-2 advisory. USN-6509-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience...
Oracle Linux 9 : python-wheel (ELSA-2023-6712)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6712 advisory. - Security fix for CVE-2022-40898 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...
Rocky Linux 8 : container-tools:3.0 (RLSA-2021:4222)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4222 advisory. - An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN...
Rocky Linux 8 : lua (RLSA-2019:3706)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2019:3706 advisory. - Lua 5.3.5 has a use-after-free in luaupvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a...
Microsoft Edge (Chromium) < 118.0.2088.88 / 119.0.2151.44 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.88 / 119.0.2151.44. It is, therefore, affected by multiple vulnerabilities as referenced in the November 2, 2023 advisory. - Microsoft Edge Chromium-based Remote Code Execution Vulnerability CVE-2023-36022,...
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2023-055)
The version of kernel installed on the remote host is prior to 5.4.258-171.360. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2023-055 advisory. 2024-07-03: CVE-2023-52573 was added to this advisory. 2024-07-03: CVE-2023-52522 was added to this...
SUSE SLES12 Security Update : curl (SUSE-SU-2023:4043-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4043-1 advisory. - CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. bsc1215888 - CVE-2023-38546: Fixed a cookie injection with none file...
Fedora 37 : firefox (2023-09ec498a2a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-09ec498a2a advisory. This update is intended to fix all the issues with broken launchers and KDE crashes that were caused by changes to the .desktop files in recent...
SUSE SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2023:3886-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3886-1 advisory. - CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server while validating...
Oracle Linux 8 : wavpack (ELSA-2020-1581)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1581 advisory. - CVE-2018-19841 - CVE-2019-1010317 - CVE-2019-1010315 - CVE-2019-11498 - CVE-2018-19840 Tenable has extracted the preceding description block directly...
Oracle Linux 5 : ELSA-2016-2962-1: / kernel (ELSA-2016-29621)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-29621 advisory. - Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code v...
FreeBSD : electron22 -- multiple vulnerabilities (579c7489-c23d-454a-b0fc-ed9d80ea46e0)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 579c7489-c23d-454a-b0fc-ed9d80ea46e0 advisory. - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote...
Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6, 9.1.0 < 9.1.1 (SVD-2023-0804)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0804 advisory. - In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can execute a specially crafted query that the...
Fedora 38 : opensc (2023-29530cc60b)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-29530cc60b advisory. Fix buffer overrun vulnerability 2211088, fixes CVE-2023-2977 Tenable has extracted the preceding description block directly from the Fedora securit...
AlmaLinux 8 : libcap (ALSA-2023:4524)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4524 advisory. - A vulnerability was found in the pthreadcreate function in libcap. This issue may allow a malicious actor to use cause realpthreadcreate to return an...