136 matches found
Amazon Linux AMI : openssh (ALAS-2023-1794)
The version of openssh installed on the remote host is prior to 7.4p1-22.78. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1794 advisory. An issue was discovered in OpenSSH 7.4 on Amazon Linux 2 and Amazon Linux 1. The fix for CVE-2019-6111 only covered cases where ...
Oracle Linux 8 : kernel (ELSA-2023-3847)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3847 advisory. - net: tls: fix possible race condition between dotlsgetsockoptconf and dotlssetsockoptconf Hangyu Hua CVE-2023-28466 Tenable has extracted the preceding...
SUSE SLES12: libvmtools0 / open-vm-tools / open-vm-tools-desktop / etc (SUSE-SU-2023:2530-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2530-1 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. Bug fixes: - Fixed build problem with grpc 1.54...
AlmaLinux 8 : autotrace (ALSA-2023:3067)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:3067 advisory. - AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. CVE-2022-32323 Note that Nessus has not tested for thi...
AlmaLinux 8 : mingw-expat (ALSA-2023:3068)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:3068 advisory. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has instead...
SUSE SLES12: apache2-mod_php74 / php74 / php74-bcmath / php74-bz2 / etc (SUSE-SU-2023:1847-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1847-1 advisory. - CVE-2022-4900: Fixed potential buffer overflow via PHPCLISERVERWORKERS environment variable. bsc1209537 Tenable has extracted the precedin...
SUSE SLES12: dpdk / dpdk-kmp-default / dpdk-thunderx / dpdk-thunderx-kmp-default / etc (SUSE-SU-2023:1572-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1572-1 advisory. - rebuild the package with the new secure boot key bsc1209188. Tenable has extracted the preceding description block directly from the SUSE...
RHEL 8 : nss (RHSA-2023:1369)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1369 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...
Amazon Linux 2 : nss (ALAS-2023-1992)
The version of nss installed on the remote host is prior to 3.79.0-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1992 advisory. firefox-esr , thunderbird and nss only are affected by this package. CVE-2023-0767 Tenable has extracted the preceding description blo...
Scientific Linux Security Update : pesign on SL7.x x86_64 (2023:1093)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2023:1093-1 advisory. - pesign: Local privilege escalation on pesign systemd service CVE-2022-3560 Note that Nessus has not tested for this issue but has instead relied only on...
Oracle Linux 8 : expat (ELSA-2023-0103)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-0103 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 - CVE-2022-43680 expat: use-after free caused by overeager destruction of a shared DT...
Mozilla Firefox Security Advisory (MFSA2021-33) - Mac OS X
This host is missing a security update for Mozilla Firefox. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Amazon Linux 2022 : jdom, jdom-demo, jdom-javadoc (ALAS2022-2022-168)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-168 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CVE-2021-33813 Tenable has extracted the preceding description block directly...
SUSE SLES12 Security Update : crash (SUSE-SU-2022:2319-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2319-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...
RHEL 8 : squid:4 (RHSA-2022:5528)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5528 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: DoS when...
RHEL 9 : libxml2 (RHSA-2022:5250)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5250 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows in...
Security Feature Bypass Vulnerability for Microsoft Excel Products C2R (June 2020)
The Microsoft Excel Products is missing a security update, and Therefore is affected by a security feature bypass vulnerability. An attacker who exploited this vulnerability could cause a system to load remote images which could disclose the IP address of the targeted system to the attacker. C...
RHEL 8 : postgresql:13 (RHSA-2022:4857)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4857 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream version:...
Oracle Linux 8 : qt5-qtbase (ELSA-2022-1796)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1796 advisory. 5.15.2-4 - Fix out-of-bounds write in QOutlineMapper::convertPath Resolves: bz1996877 Tenable has extracted the preceding description block directly from the...
RHEL 8 : httpd:2.4 (RHSA-2022:1080)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1080 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Errors encountered during...