42 matches found
CentOS 9 : kernel-5.14.0-573.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-573.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a...
CentOS 9 : kernel-5.14.0-554.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-554.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores...
CentOS 9 : kernel-5.14.0-503.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-503.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: null_blk: fix validation of block size Block size should be between...
CentOS 9 : openssl-3.2.2-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssl-3.2.2-4.el9 build changelog. - SSL_select_next_proto buffer overread (CVE-2024-5535) Note that Nessus has not tested for this issue but has instead relied only on the application's...
CentOS 9 : openssl-3.2.2-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssl-3.2.2-1.el9 build changelog. - Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact...
CentOS 9 : zlib-1.2.11-41.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the zlib-1.2.11-41.el9 build changelog. - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment...
CentOS 9 : pam-1.5.1-19.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pam-1.5.1-19.el9 build changelog. - linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call for...
CentOS 9 : sudo-1.9.5p2-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the sudo-1.9.5p2-10.el9 build changelog. - Sudo does not escape control characters in log messages (CVE-2023-28486) - Sudo does not escape control characters in sudoreplay output...
CentOS 9 : kernel-5.14.0-435.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-435.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a...
CentOS 9 : rpm-4.16.1.3-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the rpm-4.16.1.3-26.el9 build changelog. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced ...
CentOS 9 : kernel-5.14.0-354.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-354.el9 build changelog. - A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN...
CentOS 9 : grafana-9.0.9-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-1.el9 build changelog. - XSS (CVE-2021-23648) - Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users...
CentOS 9 : tomcat-9.0.62-14.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tomcat-9.0.62-14.el9 build changelog. - not including the secure attribute causes information (CVE-2023-28708) - The fix for CVE-2023-24998 was incomplete for Apache Tomcat...
CentOS 9 : unbound-1.16.2-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the unbound-1.16.2-3.el9 build changelog. - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The...
CentOS 9 : NetworkManager-1.43.10-1.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the NetworkManager-1.43.10-1.el9 build changelog. - It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path...
CentOS 9 : xorg-x11-server-Xwayland-21.1.3-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the xorg-x11-server-Xwayland-21.1.3-5.el9 build changelog. - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in...
CentOS 9 : vim-8.2.2637-20.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the vim-8.2.2637-20.el9 build changelog. - no check if the return value of XChangeGC is NULL (CVE-2022-47024) Note that Nessus has not tested for this issue but has instead relied only on the...
CentOS 9 : pixman-0.40.0-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pixman-0.40.0-6.el9 build changelog. - In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow...
CentOS 9 : grafana-pcp-5.1.1-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the grafana-pcp-5.1.1-1.el9 build changelog. - net/http: handle server errors after sending GOAWAY (CVE-2022-27664) Note that Nessus has not tested for this issue but has instead relied only...
CentOS 9 : curl-7.76.1-21.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-21.el9 build changelog. - When doing HTTPS transfers, libcurl might erroneously use the read callback (CURLOPT_READFUNCTION) to ask for data to send, even when the...