Photon OS 4.0: Rubygem PHSA-2025-4.0-0804

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0804. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2023-23003

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmapnew return value. CVE-2023-23003 Note that Nessus relies on the presence of...

Linux Distros Unpatched Vulnerability : CVE-2022-45885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbfrontend.c has a race condition that can cause a use-after-free when a devi...

Linux Distros Unpatched Vulnerability : CVE-2024-41060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/radeon: check bova-bo is non-NULL before using it The call to radeonvmclearfreed might clear bova-bo, so we have to check it before dereferencing it...

Linux Distros Unpatched Vulnerability : CVE-2024-38581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to fix the ramdom use-after-free issue. v2: move to amdgpumes.c CVE-2024-38581 Note that...

Linux Distros Unpatched Vulnerability : CVE-2022-48844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix leaking sentcmd skb sentcmd memory is not freed before freeing hcide...

Linux Distros Unpatched Vulnerability : CVE-2023-52747

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occur...

Linux Distros Unpatched Vulnerability : CVE-2024-42278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: TAS2781: Fix tasdevloadcalibrateddata This function has a reversed if statement so it'...

Linux Distros Unpatched Vulnerability : CVE-2021-47359

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cifs: Fix soft lockup during fsstress Below traces are observed during fsstress and system g...

Linux Distros Unpatched Vulnerability : CVE-2022-48831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ima: fix reference leak in asymmetricverify Don't leak a reference to the key if its algorit...

Linux Distros Unpatched Vulnerability : CVE-2023-28464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hciconncleanup in net/bluetooth/hciconn.c in the Linux kernel through 6.2.9 has a use-after-free observed in hciconnhashflush because of calls to hcidevput and...

Linux Distros Unpatched Vulnerability : CVE-2023-52734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2023-52734 Note that Nessus relies on the presence of the packag...

Linux Distros Unpatched Vulnerability : CVE-2022-48783

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: fix use after free in gswipremove...

Linux Distros Unpatched Vulnerability : CVE-2016-3492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availabilit...

Linux Distros Unpatched Vulnerability : CVE-2015-7705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted...

Linux Distros Unpatched Vulnerability : CVE-2017-9188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a left shift ... cannot be represented in type int issue in input-bmp.c:516:63. CVE-2017-9188 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2017-12176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to crash or...

Azure Linux 3.0 Security Update: socat (CVE-2024-54661)

The version of socat installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-54661 advisory. - readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file. CVE-2024-54661 Note that Nessus has...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : hplip (SUSE-SU-2024:4089-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4089-1 advisory. - hpmud: sanitize printer serial number bsc1209401 Tenable has extracted the preceding description block...

[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability

---------------------------------------- Synopsis ---------------------------------------- NoticeWare Email Server NG 4.6.2 is vulnerable to denial-of-service DoS attacks. The IMAP server crashes after receiving several large LOGIN messages. Product: NoticeWare Email Server NG Version: 4.6.3 and...