2817 matches found
Scientific Linux Security Update : postgresql on SL7.x i686/x86_64 (2022:5162)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:5162-1 advisory. - postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Note that Nessus has not tested for this issue but...
Scientific Linux Security Update : xz on SL7.x i686/x86_64 (2022:5052)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:5052-1 advisory. - gzip: arbitrary-file-write vulnerability CVE-2022-1271 Note that Nessus has not tested for this issue but has instead relied only on the application's...
Scientific Linux Security Update : python-twisted-web on SL7.x x86_64 (2022:4930)
The remote Scientific Linux 7 host has a package installed that is affected by a vulnerability as referenced in the SLSA-2022:4930-1 advisory. - python-twisted: possible http request smuggling CVE-2022-24801 Note that Nessus has not tested for this issue but has instead relied only on the...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:4891)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:4891-1 advisory. - Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email CVE-2022-1834 - Mozilla: Cross-Origin...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:4870)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:4870-1 advisory. - Mozilla: Cross-Origin resource's length leaked CVE-2022-31736 - Mozilla: Heap buffer overflow in WebGL CVE-2022-31737 - Mozilla: Browser window...
Scientific Linux Security Update : rsyslog on SL7.x x86_64 (2022:4803)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:4803-1 advisory. - rsyslog: Heap-based overflow in TCP syslog server CVE-2022-24903 Note that Nessus has not tested for this issue but has instead relied only on the...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:4729)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:4729-1 advisory. - Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 - Mozilla: Prototype pollution in...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:4730)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:4730-1 advisory. - Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 - Mozilla: Prototype pollution in...
Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:4642)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:4642-1 advisory. - kernel: cgroups v1 releaseagent feature may allow privilege escalation CVE-2022-0492 Note that Nessus has not tested for this issue but has instead reli...
Scientific Linux Security Update : zlib on SL7.x i686/x86_64 (2022:2213)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:2213-1 advisory. - zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 Note that Nessus has not tested for this issue but has inste...
Scientific Linux Security Update : gzip on SL7.x x86_64 (2022:2191)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:2191-1 advisory. - gzip: arbitrary-file-write vulnerability CVE-2022-1271 Note that Nessus has not tested for this issue but has instead relied only on the application's...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:1725)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1725-1 advisory. - Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 - Mozilla: iframe Sandbox bypass CVE-2022-29911 - Mozilla:...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:1703)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1703-1 advisory. - Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 - Mozilla: iframe Sandbox bypass CVE-2022-29911 - Mozilla:...
Scientific Linux Security Update : maven-shared-utils on SL7.x (noarch) (2022:1541)
The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2022:1541-1 advisory. - maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Note that Nessus has not tested for this issue but has instead relied only on...
Scientific Linux Security Update : java-11-openjdk on SL7.x i686/x86_64 (2022:1440)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1440-1 advisory. - OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 - OpenJDK: Unbounded memory allocation when compilin...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:1302)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1302-1 advisory. - Mozilla: Use-after-free in NSSToken objects CVE-2022-1097 - Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28281 -...
Scientific Linux Security Update : firefox on SL7.x i686/x86_64 (2022:1284)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1284-1 advisory. - Mozilla: Use-after-free in NSSToken objects CVE-2022-1097 - Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28281 -...
Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:1198)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1198-1 advisory. - kernel: use-after-free in RDMA listen CVE-2021-4028 - kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 Note...
Scientific Linux Security Update : log4j on SL6.x, SL7.x i686/x86_64 (2021:5206)
The remote Scientific Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:5206-1 advisory. - log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender CVE-2021-4104 Note that Nessus has not tested for this...
Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:0850)
The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0850-1 advisory. - Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 - Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 - expat:...