16966 matches found
Oracle Linux 7 : glibc (ELSA-2019-2118)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2118 advisory. - Mention CVE numbers in the .spec file for CVE-2015-8983 and CVE-2015-8984. - CVE-2016-10739: Reject trailing characters in getaddrinfo 1673465 Tenable has...
Oracle Linux 7 : glibc (ELSA-2018-3092)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3092 advisory. - CVE-2017-16997: Correctly handle DTRPATH 1540480. - CVE-2018-11237: AVX-512 mempcpy for KNL buffer overflow 1579809 - CVE-2018-11236: Path length...
Medium: indent
Issue Overview: GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Affected Packages: indent Issue Correction: Run dnf update indent --releasever 2023.1.20230906 or dnf update --advisory ALAS2023-2023-318 --releasever 2023.1.20230906 t...
Oracle Linux 5 : automake (ELSA-2010-0321)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0321 advisory. 1.9.6-2.3 - increase delay in self checks - add delays in aclocal7 self check http://osdir.com/ml/sysutils.automake.bugs/2006-09/msg00012.html - preserve...
Oracle Linux 8 : patch (ELSA-2020-1852)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1852 advisory. - CVE-2019-13636, Don't follow symlinks unless --follow-symlinks is given Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 7 : mailman (ELSA-2020-1054)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-1054 advisory. - Resolves: 1599692 - Sanitize input on listinfo page CVE-2018-0618 Tenable has extracted the preceding description block directly from the Oracle Linu...
Oracle Linux 8 : gdb (ELSA-2019-3352)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3352 advisory. 8.2-6.el8 - Fix yum vs dnf messaging for RHEL8 RH BZ 1666249: Add gdb-rhbz1666249-suggest-yum-instead-of-dnf.pattch Do not define DNFDEBUGINFOINSTALL for RHEL. ...
Fedora 37 : indent (2023-67d8bcb63c)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-67d8bcb63c advisory. This release fixes a heap buffer overwrite in searchbrace CVE-2023-40305 and a heap overread in lexi. Tenable has extracted the preceding descriptio...
Oracle Linux 8 : glibc (ELSA-2020-1828)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1828 advisory. 2.28-101.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug:...
Oracle Linux 8 : mailman:2.1 (ELSA-2021-4826)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-4826 advisory. - Fix for CVE-2021-42096 - Fix for CVE-2021-42097 Tenable has extracted the preceding description block directly from the Oracle Linux security advisor...
Oracle Linux 6 : glibc (ELSA-2011-1526)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1526 advisory. - Report write error in addmnt even for cached streams 688980, CVE-2011-1089 Tenable has extracted the preceding description block directly from the...
Oracle Linux 8 : gcc (ELSA-2020-1864)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1864 advisory. - CVE-2018-12207 / Intel SKX102 OL8 gcc: Intel Mitigation for CVE: CVE-2018-12207 Tenable has extracted the preceding description block directly from the Oracle...
Oracle Linux 7 : patch (ELSA-2019-2033)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-2033 advisory. - Fixed CVE-2016-10713 - Out-of-bounds access in pchwriteline function - Fixed CVE-2018-6952 - Double free of memory Tenable has extracted the precedin...
Oracle Linux 8 : curl (ELSA-2019-3701)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3701 advisory. - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2...
Firefox 117 Denial Of Service
This is barely a DoS, but since Chrome has explicit protection against it, we decided to disclose it. If a Firefox user visits a specially crafted page, then Firefox may create many files in /Downloads. The user is notified about this in a small dialog, but there is no option to stop the downloads...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gsl (SUSE-SU-2023:3527-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3527-1 advisory. - A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU...
Oracle Linux 7 : binutils (ELSA-2019-2075)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2075 advisory. 2.27-41.base.0.1 - Complete the backport of upstream commit a5def14f1ca70e14d9433cb229c9369fa3051598 Add a test for R386GOT32/R386GOT32X IFUNC reloc...
Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-2681)
The remote host is missing an update for the Huawei EulerOS...
GNU Scientific Library Buffer Overflow Vulnerability
GNU Scientific Library is an open source scientific computing library developed by the GNU organization, mainly used for C/C++ programs, providing more than 1,000 functions for mathematical operations, statistical analysis, linear algebra, etc., applicable to physical simulation, engineering...
GNU Binutils Denial of Service Vulnerability
GNU Binutils is a set of open source tools for working with binaries such as object files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils. An attacker can exploit this...