3349 matches found
CentOS 8 : webkit2gtk3 (CESA-2023:4202)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:4202 advisory. - A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS...
CentOS 8 : systemd (CESA-2023:0837)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0837 advisory. - A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suiddumpable kernel...
CentOS 8 : libxml2 (CESA-2023:0173)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0173 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several...
CentOS 8 : libXpm (CESA-2023:0379)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0379 advisory. - libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 - libXpm: Infinite loop on unclosed comments CVE-2022-46285 - libXpm: compressi...
CentOS 8 : systemd (CESA-2023:0100)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0100 advisory. - An off-by-one Error issue was discovered in Systemd in formattimespan function of time-util.c. An attacker could supply specific values for time and accuracy...
CentOS 8 : openssh (CESA-2023:4419)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4419 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forward...
CentOS 8 : cups-filters (CESA-2023:3425)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3425 advisory. - cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you us...
CentOS 8 : tar (CESA-2023:0842)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:0842 advisory. - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of...
CentOS 8 : firefox (CESA-2023:5184)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:5184 advisory. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer overflow i...
CentOS 8 : firefox (CESA-2023:7508)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:7508 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak memory data into the images...
CentOS 8 : python3.11 (CESA-2023:3594)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3594 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank...
CentOS 8 : tigervnc (CESA-2023:1551)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:1551 advisory. - A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overl...
CentOS 8 : firefox (CESA-2023:5433)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:5433 advisory. - During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerabili...
CentOS 8 : python3 (CESA-2023:3591)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3591 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank...
CentOS 8 : libtiff (CESA-2023:0095)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0095 advisory. - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libti...
CentOS 8 : dmidecode (CESA-2023:5252)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:5252 advisory. - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausibl...
CentOS 8 : sqlite (CESA-2023:0110)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0110 advisory. - SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...
CentOS 8 : cups (CESA-2023:4864)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4864 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. ...
CentOS 8 : pcs (CESA-2023:0855)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0855 advisory. - Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An...
CentOS 8 : thunderbird (CESA-2023:3588)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3588 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...