21015 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-41242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework MVC applications can be vulnerable to a Path Traversal Vulnerability when deployed on a non-compliant Servlet container. An application can be...
Linux Distros Unpatched Vulnerability : CVE-2025-55193
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be...
Linux Distros Unpatched Vulnerability : CVE-2025-54389
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can...
CVE-2025-54484
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
Linux Distros Unpatched Vulnerability : CVE-2021-25743
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the...
Linux Distros Unpatched Vulnerability : CVE-2022-31150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - undici is an HTTP/1.1 client, written from scratch for Node.js. It is possible to inject CRLF sequences into request headers in undici in versions less than...
CVE-2025-58160
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73244 CVE-2025-58160 affecting package rpm-ostree for versions less than 2022.1-8
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-78618 CVE-2025-58160 affecting package trident 0.21.0-1
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73223 CVE-2025-58160 affecting package rust 1.90.0-3
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73211 CVE-2025-58160 affecting package kata-containers 3.19.1.kata2-6
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73247 CVE-2025-58160 affecting package rust 1.72.0-14
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73217 CVE-2025-58160 affecting package rpm-ostree 2024.4-6
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
AZL-73220 CVE-2025-58160 affecting package rust 1.75.0-24
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
DEBIAN-CVE-2025-58160
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
CVE-2025-58160
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
UBUNTU-CVE-2025-58160
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences
tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...
CVE-2025-58160
CVE-2025-58160 affects Rust tracing-subscriber prior to 0.3.20. Untrusted input with ANSI escape sequences could be injected into terminal output, potentially allowing manipulation of terminal title bars, screen clearing, or display changes. The vulnerability is fixed in 0.3.20 by escaping ANSI c...