MiracleLinux 8 : nodejs:18 (AXSA:2024-7739:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7739:01 advisory. nodejs: CONTINUATION frames DoS CVE-2024-27983 nodejs: using the fetch function to retrieve content from an untrusted URL leads to denial of service...

MiracleLinux 9 : openssh-8.7p1-29.el9 (AXSA:2023-6041:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6041:05 advisory. openssh: the functions orderhostkeyalgs and listhostkeytypes leads to double-free vulnerability CVE-2023-25136 Tenable has extracted the preceding descriptio...

MiracleLinux 9 : freeradius-3.0.21-40.el9_4 (AXSA:2024-8631:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8631:02 advisory. freeradius: forgery attack CVE-2024-3596 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : nss-3.90.0-4.el9_3 (AXSA:2024-7386:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7386:01 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 8 : python3.11-3.11.11-1.el8_10 (AXSA:2024-9396:32)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9396:32 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : thunderbird-102.8.0-2.el9.ML.1 (AXSA:2023-5140:11)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5140:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 7 : xstream-1.3.1-13.el7 (AXSA:2021-1711:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1711:02 advisory. XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet CVE-2021-21344 XStream: Unsafe deserizaliation of...

MiracleLinux 7 : hunspell-1.3.2-16.el7 (AXSA:2020-570:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-570:01 advisory. hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx CVE-2019-16707 Tenable has extracted the preceding description block directl...

MiracleLinux 9 : libsoup-2.72.0-8.el9_5.2 (AXSA:2024-9403:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9403:03 advisory. libsoup: infinite loop while reading websocket data CVE-2024-52532 libsoup: HTTP request smuggling via stripping null bytes from the ends of header...

MiracleLinux 9 : ncurses-6.2-10.20210508.el9 (AXSA:2023-6879:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6879:02 advisory. ncurses: Local users can trigger security-relevant memory corruption via malformed data CVE-2023-29491 Tenable has extracted the preceding description block...

MiracleLinux 9 : device-mapper-multipath-0.8.7-7.el9.1 (AXSA:2022-4131:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4131:06 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 9 : mod_http2-2.0.26-2.el9_4.1 (AXSA:2024-8954:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8954:04 advisory. modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : cairo-1.15.12-6.el8, pixman-0.38.4-2.el8 (AXSA:2022-3446:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3446:01 advisory. cairo: libreoffice slideshow aborts with stack smashing in cairo's compositeboxes CVE-2020-35492 Tenable has extracted the preceding description block direct...

MiracleLinux 8 : libuv-1.41.1-2.el8_10 (AXSA:2024-8516:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8516:01 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : nodejs:18 (AXSA:2023-5259:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5259:01 advisory. glob-parent: Regular Expression Denial of Service CVE-2021-35065 http-cache-semantics: Regular Expression Denial of Service ReDoS vulnerability...

MiracleLinux 9 : qt5-qtbase-5.15.9-10.el9_4 (AXSA:2024-8586:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8586:04 advisory. qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 Tenable has extracted the preceding description block directly fro...

MiracleLinux 8 : nodejs:16 (AXSA:2023-6524:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6524:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 8 : grafana-7.3.6-2.el8 (AXSA:2021-2087:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2087:03 advisory. crewjam/saml: authentication bypass in saml authentication CVE-2020-27846 grafana: XSS via a query alias for the Elasticsearch and Testdata datasour...

MiracleLinux 8 : firefox-78.14.0-1.el8.ML.1 (AXSA:2021-2416:26)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2416:26 advisory. Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 CVE-2021-38493 Tenable has extracted the preceding description block...