219 matches found
CentOS 8 : python-jinja2 (CESA-2024:3102)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3102 advisory. - Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary...
CentOS 8 : grafana (CESA-2024:3265)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3265 advisory. - It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE...
CentOS 7 : rhc-worker-script (RHSA-2024:2625)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2625 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK sta...
CentOS 9 : sudo-1.9.5p2-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the sudo-1.9.5p2-10.el9 build changelog. - Sudo does not escape control characters in log messages CVE-2023-28486 - Sudo does not escape control characters in sudoreplay output...
CentOS 9 : zlib-1.2.11-41.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the zlib-1.2.11-41.el9 build changelog. - MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment...
CentOS 9 : kernel-5.14.0-354.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-354.el9 build changelog. - A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN...
CentOS 9 : rpm-4.16.1.3-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the rpm-4.16.1.3-26.el9 build changelog. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced ...
CentOS 9 : pam-1.5.1-19.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pam-1.5.1-19.el9 build changelog. - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for...
CentOS 9 : kernel-5.14.0-435.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-435.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: hwrng: core - Fix page fault dead lock on mmap-ed hwrng There is a...
CentOS 8 : firefox (CESA-2024:0955)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0955 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...
CentOS 9 : python3.11-pip-22.3.1-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the python3.11-pip-22.3.1-4.el9 build changelog. - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote...
CentOS 9 : curl-7.76.1-21.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the curl-7.76.1-21.el9 build changelog. - When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the...
CentOS 9 : libxml2-2.9.13-2.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libxml2-2.9.13-2.el9 build changelog. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can resu...
CentOS 9 : polkit-0.117-10.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the polkit-0.117-10.el9 build changelog. - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest...
CentOS 9 : texlive-20200406-26.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the texlive-20200406-26.el9 build changelog. - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs...
CentOS 9 : podman-4.3.0-2.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the podman-4.3.0-2.el9 build changelog. - Non-random values for ticketageadd in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshak...
CentOS 9 : ruby-3.0.2-155.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ruby-3.0.2-155.el9 build changelog. - Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, whic...
CentOS 9 : wavpack-5.4.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the wavpack-5.4.0-5.el9 build changelog. - heap Out-of-bounds Read CVE-2021-44269 Note that Nessus has not tested for this issue but has instead relied only on the application's self-report...
CentOS 9 : kernel-5.14.0-378.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-378.el9 build changelog. - A null pointer dereference issue was found in can protocol in net/can/afcan.c in the Linux before Linux. mlpriv may not be initialized ...
CentOS 9 : net-snmp-5.9.1-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the net-snmp-5.9.1-9.el9 build changelog. - handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used ...