MiracleLinux 8 : container-tools:rhel8 (AXSA:2024-7515:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7515:01 advisory. runc: file descriptor leak CVE-2024-21626 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 4 : firefox-68.4.1-1.0.1.AXS4 (AXSA:2020-4433:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4433:02 advisory. Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement CVE-2019-17026 Mozilla: Bypass of @namespace CSS sanitization durin...

MiracleLinux 8 : mod_auth_mellon-0.14.0-11.el8 (AXSA:2020-330:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-330:02 advisory. modauthmellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft CVE-2019-13038 Tenable has extracted the preceding...

MiracleLinux 9 : fence-agents-4.10.0-62.el9_4.5 (AXSA:2024-8822:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8822:11 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...

MiracleLinux 9 : open-vm-tools-12.1.5-1.el9.1 (AXSA:2023-6173:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6173:04 advisory. open-vm-tools: authentication bypass vulnerability in the vgauth module CVE-2023-20867 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : thunderbird-102.12.0-1.el9.ML.1 (AXSA:2023-6084:17)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6084:17 advisory. Mozilla: Click-jacking certificate exceptions through rendering lag CVE-2023-34414 Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR...

MiracleLinux 9 : mysql-8.0.32-1.el9.ML.1 (AXSA:2023-6090:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6090:01 advisory. mysql: Server: Security: Privileges unspecified vulnerability CPU Apr 2023 CVE-2023-21912 mysql: Server: Optimizer unspecified vulnerability CPU Oct...

MiracleLinux 9 : dotnet7.0-7.0.114-1.el9_3.ML.1 (AXSA:2023-7071:33)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7071:33 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 8 : python-urllib3-1.24.2-5.el8_9.2 (AXSA:2024-7414:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7414:01 advisory. python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect...

MiracleLinux 8 : gnome-shell-3.32.2-44.el8.ML.1 (AXSA:2022-3635:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3635:03 advisory. gnome-shell: Password from logged-out user may be shown on login screen CVE-2020-17489 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : dotnet8.0-8.0.100-2.el8.ML.1 (AXSA:2024-7380:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7380:01 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 8 : binutils-2.30-75.el8 (AXSA:2020-361:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-361:08 advisory. binutils: integer overflow leading to a SEGV in bfddwarf2findnearestline in dwarf2.c CVE-2019-17451 binutils: Improper Input Validation,...

MiracleLinux 8 : dotnet3.1-3.1.419-1.el8.ML.1 (AXSA:2022-3727:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3727:07 advisory. dotnet: excess memory allocation via HttpClient causes DoS CVE-2022-23267 dotnet: malicious content causes high CPU and memory usage CVE-2022-29117...

MiracleLinux 8 : thunderbird-115.6.0-1.el8_9.ML.1 (AXSA:2024-7381:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7381:03 advisory. Mozilla: Heap-buffer-overflow affecting WebGLDrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in...

MiracleLinux 9 : protobuf-3.14.0-13.el9 (AXSA:2022-4552:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4552:03 advisory. protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference CVE-2021-22570 Tenable has extracted the preceding description block...

MiracleLinux 8 : firefox-115.14.0-2.el8_10.ML.1 (AXSA:2024-8694:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8694:28 advisory. Firefox: 115.14/128.1 ESR mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

MiracleLinux 8 : libreoffice-6.4.7.2-16.el8.ML.1 (AXSA:2024-7659:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7659:02 advisory. libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution CVE-2023-6185 libreoffice: Insufficient macro permission...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2022-3597:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3597:01 advisory. python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through CVE-2021-43818 Tenable has extracted the preceding description block direct...

MiracleLinux 9 : ghostscript-9.54.0-14.el9 (AXSA:2023-7027:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7027:06 advisory. Ghostscript: GhostPDL can lead to remote code execution via crafted PostScript documents CVE-2023-43115 Tenable has extracted the preceding...

MiracleLinux 8 : python-cryptography-3.2.1-4.el8 (AXSA:2021-2026:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2026:02 advisory. python-cryptography: bleichenbacher timing oracle attack against RSA decryption CVE-2020-25659 python-cryptography: certain sequences of update call...