MiracleLinux 7 : libvirt-4.5.0-10.el7.10 (AXSA:2019-3893:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3893:07 advisory. Security Fix - libvirt systemd Unit SocketMode virtlockd-admin-sock virtlogd-admin-sock CVE-2019-10132 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the...

MiracleLinux 7 : systemd-219-62.el7.5 (AXSA:2019-3771:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3771:02 advisory. Security Fix - systemd PID1 PID1 systemd CVE-2019-6454 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the...

MiracleLinux 4 : rh-postgresql94-postgresql-9.4.14-2.AXS4 (AXSA:2017-2465:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2465:03 advisory. Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use...

MiracleLinux 7 : systemd-219-42.el7.7 (AXSA:2018-2569:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2569:02 advisory. A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of...

MiracleLinux 9 : ipa-4.12.2-1.el9_5.3 (AXSA:2025-9559:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9559:01 advisory. freeipa: Administrative user data leaked through systemd journal CVE-2024-11029 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : systemd-252-55.el9_7.7.ML.1 (AXSA:2025-11553:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11553:11 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable...

CVE-2023-31437

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."...

CVE-2023-31438

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."...

CVE-2021-31822

When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access...

PT-2026-25897

Name of the Vulnerable Software and Affected Versions Ubuntu 16.04 LTS affected versions not specified Ubuntu 18.04 LTS affected versions not specified Ubuntu 20.04 LTS versions prior to 2.67.1+20.04ubuntu1esm1 Ubuntu 22.04 LTS affected versions not specified Ubuntu 24.04 LTS versions prior to...

PT-2026-28575

Name of the Vulnerable Software and Affected Versions Incus versions prior to 6.23.0 Description Incus is a system container and virtual machine manager. Incus instances allow providing credentials to systemd within the guest environment, managed through a shared directory for containers. Prior t...

PT-2026-25167

Name of the Vulnerable Software and Affected Versions systemd affected versions not specified Description The systemd-machined service has an issue with access control due to inadequate validation of the class parameter within the RegisterMachine D-Bus method. A local user with limited privileges...

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

---------------------------------...

CVE-2025-2515

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

CVE-2025-2515

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

Incorrect Authorization

Overview bluechi is a Python bindings for BlueChi's D-Bus API Affected versions of this package are vulnerable to Incorrect Authorization due to improper enforcement of systemd service dependencies across nodes. An attacker can gain elevated privileges on the host node by creating or overriding...

CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

EUVD-2025-205290

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

CVE-2025-2515

CVE-2025-2515 concerns BlueChi, a multi-node systemd service controller used in RHIVOS. The vulnerability allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node, enabling privilege escalation, unauthorized service execu...

CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...