MiracleLinux 9 : python-idna-2.10-7.el9_4.1 (AXSA:2024-8453:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8453:01 advisory. python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 CVE-2024-3651 RESERVED Tenable has extracted th...

MiracleLinux 8 : opensc-0.20.0-7.el8_9 (AXSA:2024-7353:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7353:02 advisory. OpenSC: Potential PIN bypass when card tracks its own login state CVE-2023-40660 OpenSC: multiple memory issues with pkcs15-init enrollment tool...

MiracleLinux 8 : unbound-1.16.2-5.el8_9.2 (AXSA:2024-7555:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7555:01 advisory. bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator CVE-2023-50387 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resourc...

MiracleLinux 9 : osbuild-composer-101-2.el9_4.ML.1 (AXSA:2024-8870:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8870:04 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

MiracleLinux 9 : thunderbird-115.13.0-3.el9_4.ML.1 (AXSA:2024-8587:16)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8587:16 advisory. Mozilla: Race condition in permission assignment CVE-2024-6601 Mozilla: Memory corruption in thread creation CVE-2024-6603 Mozilla: Memory safety bu...

MiracleLinux 7 : tigervnc-1.8.0-28.0.1.el7.AXS7 (AXSA:2024-7388:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7388:02 advisory. xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 xorg-x11-server: out-of-bounds memory read in...

MiracleLinux 7 : tigervnc-1.8.0-31.0.1.el7.AXS7 (AXSA:2024-7502:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7502:06 advisory. xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer CVE-2023-6816 xorg-x11-server: reattaching to different master devi...

MiracleLinux 8 : shim-15.8-4.el8_9.ML.1 (AXSA:2024-7744:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7744:01 advisory. shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.422.b05-1.0.1.el7.AXS7 (AXSA:2024-8735:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8735:15 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 7 : linux-firmware-20200421-82.git78c0348.el7 (AXSA:2024-7507:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7507:02 advisory. RCVE-2023-20592 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that Nessus has not tested for...

MiracleLinux 7 : tigervnc-1.8.0-33.0.1.el7.AXS7 (AXSA:2024-7733:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7733:08 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...

MiracleLinux 9 : libreoffice-7.1.8.1-12.el9_4.ML.1 (AXSA:2024-8408:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8408:04 advisory. libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution CVE-2023-6185 libreoffice: Insufficient macro permission...

MiracleLinux 9 : dotnet8.0-8.0.100-2.el9_3.ML.1 (AXSA:2024-7409:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7409:03 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 9 : openssh-8.7p1-34.el9_3.3 (AXSA:2024-7578:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7578:02 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential command injection via shell metacharacters...

MiracleLinux 9 : libtiff-4.4.0-12.el9 (AXSA:2024-8043:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8043:01 advisory. libtiff: infinite loop via a crafted TIFF file CVE-2022-40090 libtiff: segmentation fault in Fax3Encode in libtiff/tiffax3.c CVE-2023-3618 libtiff:...

MiracleLinux 9 : webkit2gtk3-2.46.3-2.el9_5 (AXSA:2024-9454:08)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9454:08 advisory. webkitgtk: data isolation bypass vulnerability CVE-2024-44309 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : squid:4 (AXSA:2024-7389:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7389:01 advisory. squid: DoS against HTTP and HTTPS CVE-2023-5824 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.402.b06-1.el7 (AXSA:2024-7425:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7425:01 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 9 : skopeo-1.16.1-1.el9 (AXSA:2024-9102:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9102:06 advisory. containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite loop CVE-2024-24788...

MiracleLinux 9 : bubblewrap-0.4.1-8.el9, flatpak-1.12.9-3.el9 (AXSA:2024-9109:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9109:02 advisory. flatpak: Access to files outside sandbox for apps using persistent= --persist CVE-2024-42472 Tenable has extracted the preceding description block directly...