GeForce, Workstation, Compute Security Vulnerabilities

RHEL 7 : rh-perl526-perl (RHSA-2019:0001)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0001 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...

RHEL 6 / 7 : rh-maven33-plexus-archiver and rh-maven35-plexus-archiver (RHSA-2018:1837)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1837 advisory. plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200) Note...

RHEL 7 : redis (RHSA-2019:2508)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:2508 advisory. Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and...

RHEL 7 : openstack-octavia (RHSA-2019:3788)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3788 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:0584)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0584 advisory. ruby: Command injection vulnerability in Net::FTP (CVE-2017-17405) ruby: Command injection in lib/resolv.rb:lazy_initialize() allows...

RHEL 7 : openstack-ceilometer (RHSA-2019:0919)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0919 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...

RHEL 7 : python-cryptography (RHSA-2018:3600)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2018:3600 advisory. The python-cryptography packages contain a Python Cryptographic Authority's (PyCA's) cryptography library, which provides cryptographic primitives...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1643)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1643 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : openstack-keystone (RHSA-2018:2533)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2533 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....

RHEL 7 : pyOpenSSL (RHSA-2019:0085)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0085 advisory. The pyOpenSSL packages provide a high-level wrapper around a subset of the OpenSSL library for the Python programming language. Security...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:2425)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2425 advisory. QEMU: seccomp: blacklist is not applied to all threads (CVE-2018-15746) QEMU: rtl8139: integer overflow leads to buffer overflow...

RHEL 6 / 7 : rh-ruby24-ruby (RHSA-2018:3730)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3730 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : ansible (RHSA-2019:3789)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3789 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 6 / 7 : rh-ror50-rubygem-sprockets (RHSA-2018:2245)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2245 advisory. rubygem-sprockets: Path traversal in forbidden_request?() can allow remote attackers to read arbitrary files (CVE-2018-3760) Note that...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3466)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3466 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1200)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1200 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1199)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1199 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-redis32-redis (RHSA-2019:1860)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1860 advisory. redis: Heap corruption in lua_cmsgpack.c (CVE-2018-11218) redis: Integer overflow in lua_struct.c:b_unpack() (CVE-2018-11219) ...

RHEL 6 / 7 : rh-git29-git (RHSA-2018:2147)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2147 advisory. git: path sanity check in is_ntfs_dotgit() can read arbitrary memory (CVE-2018-11233) git: arbitrary code execution when recursively...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2822)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2822 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-nova (RHSA-2019:2631)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2631 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-nova (RHSA-2019:2622)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2622 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : openstack-ceilometer (RHSA-2019:0580)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0580 advisory. OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents...

RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. mysql: insecure error log file handling in mysqld_safe (CPU Oct 2016) (CVE-2016-5617, CVE-2016-6664) mysql: Server: Optimizer...

RHEL 6 / 7 : rh-postgresql96-postgresql (RHSA-2017:3405)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3405 advisory. postgresql: Start scripts permit database administrator to modify root-owned files (CVE-2017-12172, CVE-2017-15097) Note that...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1645)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1645 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-mysql57-mysql (RHSA-2018:3655)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3655 advisory. mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) mysql: Server: Security: Privileges unspecified...

RHEL 7 : rh-haproxy18-haproxy (RHSA-2018:1372)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1372 advisory. haproxy: Heap buffer overflow in mux_h2.c:h2_process_demux() can allow attackers to cause a denial of service (CVE-2018-10184) Note that Nessus...

RHEL 6 / 7 : rh-perl524-perl (RHSA-2019:0010)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0010 advisory. perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) perl: Heap-based buffer overflow in...

RHEL 7 : openvswitch (RHSA-2019:0053)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0053 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. ...

RHEL 7 : openstack-keystone (RHSA-2018:2543)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2543 advisory. The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities....

RHEL 6 / 7 : httpd24 (RHSA-2017:3018)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3018 advisory. httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed) (CVE-2017-9798) Note that Nessus has not tested for this issue but has...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2018:2949)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2949 advisory. nodejs: HTTP parser allowed for spaces inside Content-Length header values (CVE-2018-7159) nodejs: Inspector DNS rebinding vulnerability...

RHEL 7 : Red Hat OpenStack Platform director (RHSA-2018:1627)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1627 advisory. Red Hat OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service...

RHEL 7 : ansible (RHSA-2019:0054)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0054 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over...

RHEL 7 : rh-postgresql10-postgresql (RHSA-2018:3757)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3757 advisory. postgresql: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING (CVE-2018-16850) Note that Nessus has not tested for this...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:3742)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3742 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 7 : rh-ruby25-ruby (RHSA-2018:3731)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3731 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : qemu-kvm-rhev (RHSA-2018:2363)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2363 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : qemu-kvm-rhev (RHSA-2017:3471)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:3471 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2018:0587)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0587 advisory. mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562) mysql: Server: GIS unspecified vulnerability (CPU...

RHEL 6 / 7 : rh-ruby23-ruby (RHSA-2018:3729)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3729 advisory. ruby: HTTP response splitting in WEBrick (CVE-2017-17742) ruby: Unintentional file and directory creation with directory traversal in...

RHEL 7 : rh-nodejs8-nodejs (RHSA-2019:1821)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1821 advisory. nodejs: HTTP request splitting (CVE-2018-12116) nodejs: Denial of Service with large HTTP headers (CVE-2018-12121) nodejs: Slowloris...

RHEL 7 : openstack-nova and python-novaclient (RHSA-2018:0369)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0369 advisory. OpenStack Compute (nova) launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform....

RHEL 7 : qemu-kvm-rhev (RHSA-2018:1686)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1686 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide...

RHEL 7 : openstack-neutron (RHSA-2018:3792)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3792 advisory. OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main...

RHEL 7 : rh-nginx112-nginx (RHSA-2018:3680)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3680 advisory. nginx: Excessive memory consumption via flaw in HTTP/2 implementation (CVE-2018-16843) nginx: Excessive CPU usage via flaw in HTTP/2...

CentOS 9 : kernel-5.14.0-437.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-437.el9 build changelog. In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6743-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-3 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...

RHEL 7 : thunderbird (RHSA-2024:1935)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1935 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fix(es): *...