MiracleLinux 9 : nss-3.90.0-4.el9_3 (AXSA:2024-7386:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7386:01 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 8 : open-vm-tools-12.2.5-3.el8.1.ML.1 (AXSA:2024-7375:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7375:01 advisory. open-vm-tools: SAML token signature bypass CVE-2023-34058 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper...

MiracleLinux 8 : samba-4.15.5-10.el8 (AXSA:2022-3934:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3934:09 advisory. samba: server memory information leak via SMB1 CVE-2022-32742 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : python3.11-3.11.11-1.el8_10 (AXSA:2024-9396:32)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9396:32 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : ncurses-6.2-10.20210508.el9 (AXSA:2023-6879:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6879:02 advisory. ncurses: Local users can trigger security-relevant memory corruption via malformed data CVE-2023-29491 Tenable has extracted the preceding description block...

MiracleLinux 9 : libsoup-2.72.0-8.el9_5.2 (AXSA:2024-9403:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9403:03 advisory. libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header...

MiracleLinux 8 : python27:2.7 (AXSA:2023-6555:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6555:01 advisory. python: TLS handshake bypass CVE-2023-40217 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : nodejs:20 (AXSA:2024-8726:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8726:01 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs:...

MiracleLinux 9 : thunderbird-102.8.0-2.el9.ML.1 (AXSA:2023-5140:11)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5140:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 7 : hunspell-1.3.2-16.el7 (AXSA:2020-570:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-570:01 advisory. hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx CVE-2019-16707 Tenable has extracted the preceding description block directl...

MiracleLinux 7 : xstream-1.3.1-13.el7 (AXSA:2021-1711:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1711:02 advisory. XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet CVE-2021-21344 XStream: Unsafe deserizaliation of...

MiracleLinux 8 : squid:4 (AXSA:2024-7336:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7336:01 advisory. squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 Tenable...

MiracleLinux 9 : jackson (AXSA:2023-5805:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5805:01 advisory. jackson-databind: denial of service via a large depth of nested objects CVE-2020-36518 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : libreswan-4.12-1.el9 (AXSA:2023-6824:09)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6824:09 advisory. libreswan: Invalid IKEv2 REKEY proposal causes restart CVE-2023-38710 libreswan: Invalid IKEv1 Quick Mode ID causes restart CVE-2023-38711 libreswan...

MiracleLinux 8 : dotnet6.0-6.0.122-1.el8.ML.1 (AXSA:2023-6414:22)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6414:22 advisory. dotnet: Denial of Service with Client Certificates using .NET Kestrel CVE-2023-36799 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : ppp-2.4.7-26.el8 (AXSA:2020-167:03)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-167:03 advisory. ppp: Buffer overflow in the eaprequest and eapresponse functions in eap.c CVE-2020-8597 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : dotnet7.0-7.0.119-1.el8.ML.1 (AXSA:2024-8381:11)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8381:11 advisory. dotnet: stack buffer overrun in Double Parse CVE-2024-30045 dotnet: denial of service in ASP.NET Core due to deadlock in Http2OutputProducer.Stop...

MiracleLinux 8 : thunderbird-115.3.1-1.el8.ML.1 (AXSA:2023-6497:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6497:29 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

MiracleLinux 9 : java-21-openjdk-21.0.4.0.7-1.el9.ML.1 (AXSA:2024-8584:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8584:12 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 8 : thunderbird-91.6.0-1.el8.ML.1 (AXSA:2022-3068:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3068:03 advisory. Mozilla: Extensions could have bypassed permission confirmation during update CVE-2022-22754 Mozilla: Memory safety bugs fixed in Firefox 97 and...