RHEL 7 : webkitgtk4 (RHSA-2025:19352)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19352 advisory. WebKitGTK+ is a port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...
Security Bulletin: IBM Guardium Data Protection is affected by a RHEL7 Kernel vulnerability (CVE-2024-36971)
Summary: IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details: CVEID: CVE-2024-36971. DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race. __dst_negative_advice() does not enforce proper RCU rules when...
RHSA-2018:2424 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.4 on RHEL7 security update
Bulletin has no description...
RHEL 7 : servicemesh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation CVE-2021-3121 Note that Nessus has not...
RHEL 7 : podman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: Privilege escalation in API component CVE-2019-25067 - An incorrect handling of the supplementary...
RHEL 7 : gpg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gpg: Signature spoofing via status line injection CVE-2022-34903 Note that Nessus has not tested for this issue but...
RHEL 7 : ssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Note that Nessus has not tested for this...
RHEL 7 : tmux (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tmux: null pointer dereference in window_pane_set_event in window.c CVE-2022-47016 Note that Nessus has not tested for...
RHEL 7 : gmp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 Note that Nessus has not teste...
RHEL 7 : glob-parent (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - glob-parent: Regular Expression Denial of Service CVE-2021-35065 Note that Nessus has not tested for this issue but...
RHEL 7 : pycryptodome (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex CVE-2023-52323 Note that...
RHEL 7 : minicom (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - minicom: Out of bounds write in vt100.c CVE-2017-7467 Note that Nessus has not tested for this issue but has instea...
RHEL 7 : libxcursor (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXcursor: file.c: heap-based buffer overflow when reading/creating images CVE-2017-16612 Note that Nessus has not...
RHEL 7 : ncurses (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function...
RHEL 7 : cups (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cups: access to uninitialized buffer in ipp.c CVE-2020-10001 - cups: use-after-free in cupsdAcceptClient ...
RHEL 7 : jose (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jose: Denial of service due to uncontrolled CPU consumption CVE-2023-50967 - jose: resource exhaustion...
RHEL 7 : ovn (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ovn: insufficient validation of BFD packets may lead to denial of service CVE-2024-2182 Note that Nessus has not...
open security update
CentOS Errata and Security Advisory CESA-2023:3944 An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Low: Red Hat Security Advisory: open-vm-tools security and bug fix update
An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
GHSA-J4RF-7357-F4CG Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
Impact: There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10...