CentOS 8 : grafana (CESA-2024:3265)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3265 advisory. - It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE...

CentOS 8 : python-jinja2 (CESA-2024:3102)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3102 advisory. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary...

CentOS 8 : gstreamer1-plugins-bad-free (CESA-2024:3060)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3060 advisory. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code...

CentOS 8 : python3.11-cryptography (CESA-2024:3105)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3105 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling loadpempkcs7certificates or...

CentOS 8 : firefox (CESA-2024:0955)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0955 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

CentOS 8 : unbound (CESA-2024:0965)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0965 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...

CentOS 8 : thunderbird (CESA-2023:1802)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:1802 advisory. - OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted...

CentOS 8 : cups (CESA-2023:7165)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7165 advisory. - OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker ...

CentOS 8 : firefox (CESA-2023:3220)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3220 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

CentOS 8 : libreswan (CESA-2023:2122)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:2122 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The...

CentOS 8 : tomcat (CESA-2024:0125)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0125 advisory. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from...

CentOS 8 : openssl (CESA-2023:7877)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7877 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheck...

CentOS 8 : postgresql:12 (CESA-2023:7714)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7714 advisory. - IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quotin...

CentOS 8 : wireshark (CESA-2023:7015)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7015 advisory. - Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to...

CentOS 8 : webkit2gtk3 (CESA-2023:7055)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7055 advisory. - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6...

CentOS 8 : librabbitmq (CESA-2023:7150)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:7150 advisory. - An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for...

CentOS 8 : postgresql:15 (CESA-2023:5269)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:5269 advisory. - schemaelement defeats protective searchpath changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with...

CentOS 8 : xorg-x11-server (CESA-2023:2806)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2806 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString of the file...

CentOS 8 : grafana (CESA-2023:2784)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:2784 advisory. - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closin...

CentOS 8 : git (CESA-2023:2859)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2859 advisory. - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untruste...