CentOS 7 : mutt (RHSA-2020:1126)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1126 advisory. - An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/util.c mishandles .. directory traversal in a mailbox name. CVE-2018-14355...

Design/Logic Flaw

A vulnerability was found in all versions of Keycloak where, the pages on the Admin Console area of the application are completely missing general HTTP security headers in HTTP-responses. This does not directly lead to a security issue, yet it might aid attackers in their efforts to exploit other...

Photon OS 1.0: Python2 PHSA-2019-1.0-0257

An update of the python2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0257. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Libpcap PHSA-2019-2.0-0187

An update of the libpcap package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0187. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 31 : jhead (2019-948e6ebaeb)

updated to 3.04 CVE-2019-19035 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

RHEL 8 : go-toolset:rhel8 (RHSA-2019:3433)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3433 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: malformed hosts in...

Photon OS 1.0: Bash PHSA-2019-1.0-0252

An update of the bash package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid129783;...

Fedora 31 : nbdkit (2019-a75665981b)

New upstream version 1.14.1. Fixes Denial of Service / Amplication Attack: https://www.redhat.com/archives/libguestfs/2019-September/msg00084.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempte...

Fedora 29 : 1:openssl (2019-d51641f152)

Minor update release 1.1.1d with low impact security fixes. ---- Fix for TLS non-compliance causing server interoperability problems with golang TLS client. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...

CVE-2019-5503

OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors...

Amazon Linux 2 : kernel (ALAS-2019-1253)

There is a newly discovered variant side-channel attack of Spectre V1 which leverages SWAPGS instructions to bypass KPTI/KVA mitigations. This could lead to a kernel information disclosure. CVE-2019-1125 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Photon OS 1.0: Bzip2 PHSA-2019-1.0-0242

An update of the bzip2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0242. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid126471...

Photon OS 3.0: Sqlite PHSA-2019-3.0-0018

An update of the sqlite package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0018. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid126208;...

Fedora 29 : evince (2019-ff2b5b5b47)

Security fix for CVE-2019-11459. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

Photon OS 1.0: Nss PHSA-2019-1.0-0239

An update of the nss package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0239. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid126189;...

Fedora 29 : buildbot (2019-2ea119f414)

Update to 1.8.2 to fix CVE-2019-12300. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

Photon OS 1.0: Bash PHSA-2019-1.0-0229

An update of the bash package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0229. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid124869;...

RHEL 7 : ovmf (RHSA-2019:0809)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0809 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for...

KB4493478: Security update for Adobe Flash Player (April 2019)

The remote Windows host is missing security update KB4493478. It is, therefore, affected by multiple vulnerabilities: - A use-after-free vulnerability exists in Adobe Flash. An unauthenticated, remote attacker could exploit this to execute arbitrary code. CVE-2019-7096 - An information disclosure...

Fedora 29 : wget (2019-7a0497cbc2)

update to 1.20.3 - fixed CVE-2019-5953 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...