46 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-4132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way repeatedly hitting the...
Fedora 38 : rust-routinator (2024-28a151028a)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-28a151028a advisory. from changelog: Fix the RTR listener so that Routinator won't exit if an incoming RTR connection is closed again too quickly. 937, reported by Yohei Nishimura...
Fedora 38 : dotnet6.0 (2024-b0e165ded6)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-b0e165ded6 advisory. This is the February 2024 security update for .NET 6. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...
Fedora 39 : expat (2024-269826c2b3)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-269826c2b3 advisory. Rebase to version 2.6.0. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...
Fedora 39 : plantuml (2023-731133ab8e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-731133ab8e advisory. Update plantuml to the latest version v1.2023.11. This update also includes fixes for CVE-2023-3431 and CVE-2023-3432. Tenable has extracted the...
Fedora 37 : attract-mode (2023-e58495988e)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-e58495988e advisory. Ensure stb_image contains the latest CVE patches. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
RHEL 8 : dbus (RHSA-2023:4498)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4498 advisory. D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session...
Dell EMC NetWorker Version Disclosure (DSA-2023-058)
The version of Dell EMC NetWorker installed on the remote Windows host is 19.5 or earlier. It is, therefore, affected by version disclosure vulnerabilities for 'Apache Tomcat' and 'RabbitMQ'. A NetWorker server user with remote access to NetWorker clients can exploit this vulnerability to prepare...
Fedora 37 : netconsd (2023-88629e9585)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-88629e9585 advisory. Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ2181655 Tenable has extracted the preceding description block directly from the Fedora security advisory...
RHEL 8 : openstack-selinux (RHSA-2020:4381)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4381 advisory. The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux. Security Fixes: policy flaw allo...
AlmaLinux 9 : kernel-rt (ALSA-2022:6582)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:6582 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
ImageMagick < 7.0.10-57 Integer Overflow
The remote Windows host has a version of ImageMagick installed that is prior to 7.0.10-57. It is, therefore, affected by an integer overflow error in the GetPixelIndex function. An attacker can craft a malicious PDF file that, when processed by ImageMagick, results in undefined behavior or a crash...
Debian DSA-5211-1 : wpewebkit - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5211 advisory. - An out-of-bounds write issue was addressed with improved input validation. CVE-2022-32792 - The issue was addressed with improved UI handling. CVE-2022-32816 No...
CentOS 7 : kernel (RHSA-2022:5232)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5232 advisory. - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root...
RHEL 7 : kernel (RHSA-2022:5157)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5157 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cgroups v1 release_agent featur...
AlmaLinux 8 : tcpdump (ALSA-2021:4236)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2021:4236 advisory. - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037 Note that Nessus has not tested for this issue but has...
ABB Relion 650 and 670 Series Improper Input Validation (CVE-2019-18247)
An attacker may use a specially crafted message to force Relion 650 series versions 1.3.0.5 and prior or Relion 670 series versions 1.2.3.18, 2.0.0.11, 2.1.0.1 and prior to reboot, which could cause a denial of service. This plugin only works with Tenable.ot. Please visit...
RHEL 8 : babel (RHSA-2021:4201)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4201 advisory. Babel provides tools to build and work with gettext message catalogs, and a Python interface to the CLDR Common Locale Data Repository,...
CentOS 7 : bind (RHSA-2021:3325)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3325 advisory. - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview...
Google Chrome < 90.0.4430.93 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 90.0.4430.93. It is, therefore, affected by multiple vulnerabilities as referenced in the 2021_04_stable-channel-update-for-desktop_26 advisory. - Heap buffer overflow in ANGLE in Google Chrome on Windows prior to...