16360 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-56003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before...
Linux Distros Unpatched Vulnerability : CVE-2026-56000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use Aft...
Linux Distros Unpatched Vulnerability : CVE-2026-14740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes...
Linux Distros Unpatched Vulnerability : CVE-2026-14380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile. When a string is assigned to a DBI handle's Profile attribute...
Linux Distros Unpatched Vulnerability : CVE-2026-59999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not. CVE-2026-59999 Note that Nessus relies...
Linux Distros Unpatched Vulnerability : CVE-2026-59995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when sftp server:/path . is used with an attacker-controlled server...
Linux Distros Unpatched Vulnerability : CVE-2026-14476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP...
Linux Distros Unpatched Vulnerability : CVE-2026-11610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, a...
Linux Distros Unpatched Vulnerability : CVE-2026-14969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations,...
Linux Distros Unpatched Vulnerability : CVE-2026-54060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Pillow is a Python imaging library. Prior to 12.3.0, PIL/FontFile.py FontFile.compile assembled per- glyph images into a combined bitmap with Image.new1, xsize,...
Linux Distros Unpatched Vulnerability : CVE-2026-41514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
Linux Distros Unpatched Vulnerability : CVE-2026-53360
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB'...
Linux Distros Unpatched Vulnerability : CVE-2026-53362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen...
Linux Distros Unpatched Vulnerability : CVE-2024-23081
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareToChronoLocalDate. NOTE: this is...
Linux Distros Unpatched Vulnerability : CVE-2026-14757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation...
Linux Distros Unpatched Vulnerability : CVE-2026-54433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Rouncube project reports: See links for more detail CVE-2026-54433 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2026-41515
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
Linux Distros Unpatched Vulnerability : CVE-2026-58404
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hugo is a static site generator. From v0.162.0 through v0.163.0, the default security.http.urls policy denies requests to loopback, internal, and cloud-metadata...
Linux Distros Unpatched Vulnerability : CVE-2026-50133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hugo is a static site generator. Prior to 0.162.0, Hugo accepts content files in several markup formats. Files mapped to the text/html media type typically .htm...
Linux Distros Unpatched Vulnerability : CVE-2026-14758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmdanalopcode of the file libr/core/cmdanal.inc.c of th...