3349 matches found
CentOS: Security Advisory for gstreamer1-plugins-bad-free (CESA-2024:0013)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : edk2 (CESA-2024:1063)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:1063 advisory. - EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be...
CentOS 8 : unbound (CESA-2024:0965)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0965 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause a denial of service CPU...
CentOS 8 : opensc (CESA-2024:0967)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:0967 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may result in the potenti...
python security update
CentOS Errata and Security Advisory CESA-2024:0857 An update for python-pillow is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CentOS 8 : sudo (CESA-2024:0811)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0811 advisory. - Sudo before 1.9.13 does not escape control characters in log messages. CVE-2023-28486 - Sudo before 1.9.13 does not escape control characters in...
CentOS 8 : python-pillow (CESA-2024:0893)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0893 advisory. - Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which wa...
CentOS 8 : edk2 (CESA-2024:0888)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0888 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or...
CentOS 8 : firefox (CESA-2024:0608)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:0608 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affec...
CentOS 8 : nss (CESA-2024:0786)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0786 advisory. - Multiple NSS NIST curves were susceptible to a side-channel attack known as Minerva. This attack could potentially allow an attacker to recover the private ke...
CentOS 8 : apr-util (CESA-2023:3109)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3109 advisory. - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a...
CentOS 8 : dbus (CESA-2023:0096)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0096 advisory. - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause...
CentOS 8 : nghttp2 (CESA-2023:5837)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:5837 advisory. - The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wi...
CentOS 8 : thunderbird (CESA-2023:5201)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:5201 advisory. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. CVE-2023-5129 - Heap buffer overflow i...
CentOS 8 : linux-firmware (CESA-2023:5245)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:5245 advisory. - An issue in Zen 2 CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. CVE-2023-20593 Not...
CentOS 8 : cups (CESA-2023:4864)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:4864 advisory. - An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. ...
CentOS 8 : python3.11 (CESA-2023:7024)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:7024 advisory. - Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attackers t...
CentOS 8 : python-requests (CESA-2023:4520)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2023:4520 advisory. - Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS...
CentOS 8 : pcs (CESA-2023:0855)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:0855 advisory. - Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An...
CentOS 8 : binutils (CESA-2023:6236)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:6236 advisory. - An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of...