CentOS 8 : container-tools:3.0 (CESA-2022:1565)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:1565 advisory. - podman: Default inheritable capabilities for linux container should be empty CVE-2022-27649 - buildah: Default inheritable capabilities for linux...

CentOS: Security Advisory for firefox (CESA-2021:5014)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 8 : postgresql:12 (CESA-2021:5235)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:5235 advisory. - postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214 - postgresql: memory disclosure in certain queries CVE-2021-3677...

CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:5238)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:5238 advisory. - QEMU: net: e1000: infinite loop while processing transmit descriptors CVE-2021-20257 - QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c...

CentOS 8 : postgresql:13 (CESA-2021:5236)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:5236 advisory. - postgresql: server processes unencrypted bytes from man-in-the-middle CVE-2021-23214 - postgresql: memory disclosure in certain queries CVE-2021-3677...

CentOS 7 : log4j (RHSA-2021:5206)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:5206 advisory. - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can...

CentOS 8 : idm:DL1 (CESA-2021:5142)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:5142 advisory. - samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets CVE-2020-25719 Note that Nessus has not tested for this issue but has instead...

CentOS 8 : go-toolset:rhel8 (CESA-2021:5160)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:5160 advisory. - golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 - golang: syscall: don't close fd 0 on ForkExec error CVE-2021-44717...

CentOS 8 : nodejs:16 (CESA-2021:5171)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:5171 advisory. - nodejs-glob-parent: Regular expression denial of service CVE-2020-28469 - nodejs-ini: Prototype pollution via malicious INI file CVE-2020-7788 -...

CentOS 8 : thunderbird (CESA-2021:5045)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:5045 advisory. - Mozilla: JavaScript unexpectedly enabled for the composition area CVE-2021-43528 - Mozilla: URL leakage when navigating while executing asynchronous...

CentOS 8 : firefox (CESA-2021:5013)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2021:5013 advisory. - Mozilla: URL leakage when navigating while executing asynchronous function CVE-2021-43536 - Mozilla: Heap buffer overflow when using structured clone...

CentOS: Security Advisory for mailman (CESA-2021:4913)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS: Security Advisory for krb5-devel (CESA-2021:4788)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 8 : mailman:2.1 (CESA-2021:4916)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:4916 advisory. - mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 Note that Nessus has not tested for this issue but has instead...

CentOS: Security Advisory for openssh (CESA-2021:4782)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CentOS 8 : gcc-toolset-10-annobin (CESA-2021:4592)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:4592 advisory. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 Note that Nessus has not tested for thi...

CentOS 8 : kernel-rt (CESA-2021:4646)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4646 advisory. - kernel: timer tree corruption leads to missing wakeup and system freeze CVE-2021-20317 - kernel: Insufficient validation of user-supplied sizes for t...

CentOS 8 : freerdp (CESA-2021:4622)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4622 advisory. - freerdp: improper client input validation for gateway connections allows to overwrite memory CVE-2021-41159 - freerdp: improper region checks in all...

CentOS 8 : gcc-toolset-11-gcc (CESA-2021:4586)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:4586 advisory. - Developer environment: Unicode's bidirectional BiDi override characters can cause trojan source attacks CVE-2021-42574 Note that Nessus has not tested for thi...

CentOS: Security Advisory for bpftool (CESA-2021:3801)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...