45 matches found
CentOS 9 : kernel-5.14.0-573.el9
"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-573.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sgrelease Fix a...
CentOS 9 : kernel-5.14.0-554.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-554.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores...
CentOS 9 : kernel-5.14.0-511.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-511.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wrwait after setting maxusage Commit c73be61cede5 pipe...
CentOS 9 : openssl-3.2.2-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssl-3.2.2-4.el9 build changelog. - SSLselectnextproto buffer overread CVE-2024-5535 Note that Nessus has not tested for this issue but has instead relied only on the application's...
CentOS 9 : kernel-5.14.0-503.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-503.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: nullblk: fix validation of block size Block size should be between...
CentOS 9 : openssl-3.2.2-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.2.2-1.el9 build changelog. - Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact...
CentOS 9 : kernel-5.14.0-435.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-435.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a...
CentOS 9 : pam-1.5.1-19.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pam-1.5.1-19.el9 build changelog. - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...
CentOS 9 : kernel-5.14.0-354.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-354.el9 build changelog. - A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN...
CentOS 9 : zlib-1.2.11-41.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the zlib-1.2.11-41.el9 build changelog. - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment...
CentOS 9 : sudo-1.9.5p2-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the sudo-1.9.5p2-10.el9 build changelog. - Sudo does not escape control characters in log messages CVE-2023-28486 - Sudo does not escape control characters in sudoreplay output...
CentOS 9 : rpm-4.16.1.3-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the rpm-4.16.1.3-26.el9 build changelog. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced ...
CentOS 9 : libxml2-2.9.13-2.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libxml2-2.9.13-2.el9 build changelog. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can resu...
CentOS 9 : python3.11-pip-22.3.1-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.11-pip-22.3.1-4.el9 build changelog. - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote...
CentOS 9 : python-dateutil-2.8.1-7.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python- dateutil-2.8.1-7.el9 build changelog. - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote...
CentOS 9 : curl-7.76.1-21.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-21.el9 build changelog. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the...
CentOS 9 : tomcat-9.0.62-14.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tomcat-9.0.62-14.el9 build changelog. - not including the secure attribute causes information CVE-2023-28708 - The fix for CVE-2023-24998 was incomplete for Apache Tomcat...
CentOS 9 : sysstat-12.5.4-4.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the sysstat-12.5.4-4.el9 build changelog. - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,...
CentOS 9 : krb5-1.19.1-22.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the krb5-1.19.1-22.el9 build changelog. - The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/dotgsreq.c...
CentOS 9 : swtpm-0.7.0-2.20211109gitb79fd91.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the swtpm-0.7.0-2.20211109gitb79fd91.el9 build changelog. - swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, an...