[Aug 17 06:53:58] INFO [localhost] vuls--build-20220808_075630_1e45732 [Aug 17 06:53:58] INFO [localhost] Validating config... [Aug 17 06:53:58] INFO [localhost] cveDict.type=sqlite3, cveDict.url=, cveDict.SQLite3Path=/vuls/cve.sqlite3 [Aug 17 06:53:58] INFO [localhost] ovalDict.type=sqlite3, ovalDict.url=, ovalDict.SQLite3Path=/vuls/oval.sqlite3 [Aug 17 06:53:58] INFO [localhost] gost.type=sqlite3, gost.url=, gost.SQLite3Path=/vuls/gost.sqlite3 [Aug 17 06:53:58] INFO [localhost] exploit.type=sqlite3, exploit.url=, exploit.SQLite3Path=/vuls/go-exploitdb.sqlite3 [Aug 17 06:53:58] INFO [localhost] metasploit.type=sqlite3, metasploit.url=, metasploit.SQLite3Path=/vuls/go-msfdb.sqlite3 [Aug 17 06:53:58] INFO [localhost] kevuln.type=sqlite3, kevuln.url=, kevuln.SQLite3Path=/vuls/go-kev.sqlite3 [Aug 17 06:53:58] INFO [localhost] cti.type=sqlite3, cti.url=, cti.SQLite3Path=/vuls/go-cti.sqlite3 [Aug 17 06:53:58] INFO [localhost] Loaded: /vuls/results/2022-08-17T05:45:19Z [Aug 17 06:53:58] INFO [localhost] No need to refresh [Aug 17 06:53:58] INFO [localhost] [Reboot Required] c74: total 46 CVEs detected [Aug 17 06:53:58] INFO [localhost] [Reboot Required] c74: 0 CVEs filtered by --confidence-over=80 [Reboot Required] c74 (centos7.9.2009) ====================================== Total: 46 (Critical:10 High:20 Medium:9 Low:7 ?:0) 20/46 Fixed, 17 poc, 0 exploits, cisa: 0, uscert: 0, jpcert: 0 alerts 582 installed +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-ID | CVSS | ATTACK | POC | ALERT | FIXED | PACKAGES | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-43527 | 10.0 | AV:N | | | fixed | nss, nss-sysinit, nss-tools | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-9939 | 9.8 | AV:N | | | unfixed | binutils | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-4042 | 9.8 | AV:N | POC | | unfixed | coreutils | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22822 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22823 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22824 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-23852 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-25235 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-25236 | 9.8 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-25315 | 9.8 | AV:N | POC | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2018-25032 | 8.9 | AV:N | POC | | fixed | zlib, zlib-devel | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-4034 | 8.9 | AV:L | POC | | fixed | polkit | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-45960 | 8.9 | AV:N | POC | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-46143 | 8.9 | AV:N | POC | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-1271 | 8.9 | AV:N | | | fixed | gzip, xz, xz-devel, xz-libs | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22825 | 8.9 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22826 | 8.9 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-22827 | 8.9 | AV:N | | | fixed | expat | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-24407 | 8.9 | AV:N | | | fixed | cyrus-sasl-lib | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-24903 | 8.9 | AV:N | | | fixed | rsyslog | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-8982 | 8.1 | AV:N | | | unfixed | glibc | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-8983 | 8.1 | AV:N | | | unfixed | glibc | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2022-29154 | 8.0 | AV:N | POC | | unfixed | rsync | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-4041 | 7.8 | AV:L | POC | | unfixed | coreutils | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2009-5155 | 7.5 | AV:N | POC | | unfixed | glibc | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-0021 | 7.5 | AV:N | | | unfixed | chrony | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2016-4425 | 7.5 | AV:N | | | unfixed | jansson | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2020-25709 | 7.5 | AV:N | | | fixed | openldap | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2020-25710 | 7.5 | AV:N | | | fixed | openldap | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-22946 | 7.5 | AV:N | POC | | unfixed | curl | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2019-17450 | 6.5 | AV:N | POC | | unfixed | binutils | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-8984 | 5.9 | AV:N | | | unfixed | glibc | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-8985 | 5.9 | AV:N | | | unfixed | glibc | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2017-5715 | 5.6 | AV:L | POC | | unfixed | linux-firmware | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-9637 | 5.5 | AV:N | | | unfixed | patch | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-3243 | 5.5 | AV:L | | | unfixed | rsyslog | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-2808 | 5.0 | AV:N | | | unfixed | gnutls, nss, openssl | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2015-6496 | 5.0 | AV:N | POC | | unfixed | conntrack-tools | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2020-12399 | 4.4 | AV:L | | | unfixed | nss | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-36084 | 3.3 | AV:L | POC | | unfixed | libsepol | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-36085 | 3.3 | AV:L | POC | | unfixed | libsepol | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-36086 | 3.3 | AV:L | POC | | unfixed | libsepol | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2021-36087 | 3.3 | AV:L | POC | | unfixed | libsepol | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-3637 | 2.1 | AV:L | | | unfixed | dbus | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-3638 | 2.1 | AV:L | | | unfixed | dbus | +----------------+------+--------+-----+-----------+---------+-----------------------------+ | CVE-2014-3639 | 2.1 | AV:L | | | unfixed | dbus | +----------------+------+--------+-----+-----------+---------+-----------------------------+