21310 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-52005
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git...
Linux Distros Unpatched Vulnerability : CVE-2024-55641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfs: unlock inodes when erroring out of xfstransallocdir Debugging a filesystem patch with...
CVE-2025-27111
A flaw was found in Rack Rubygem, where the Rack::Sendfile middleware logs unsanitized header values from the X-Sendfile-Type header. This flaw allows an attacker to inject escape sequences, such as newline characters, into the header, resulting in log injection. Mitigation To mitigate this...
Linux Distros Unpatched Vulnerability : CVE-2024-29180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently...
Linux Distros Unpatched Vulnerability : CVE-2022-37866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied pattern that may include placeholders for...
Linux Distros Unpatched Vulnerability : CVE-2021-31535
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request intended...
openSUSE Security Advisory (openSUSE-SU-2025:0081-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2021-47103
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU...
Linux Distros Unpatched Vulnerability : CVE-2024-40925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem...
Linux Distros Unpatched Vulnerability : CVE-2021-42574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control...
Linux Distros Unpatched Vulnerability : CVE-2024-39473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension I...
Linux Distros Unpatched Vulnerability : CVE-2024-33899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences...
Linux Distros Unpatched Vulnerability : CVE-2020-36242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer...
Linux Distros Unpatched Vulnerability : CVE-2024-43167
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DISPUTE NOTE: this issue does not pose a security risk as it according to analysis by the original software developer, NLnet Labs falls within the expected...
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline characters into the header, resulting in log injection. This vulnerability is fixed...
DEBIAN-CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline characters into the header, resulting in log injection. This vulnerability is fixed...
CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline characters into the header, resulting in log injection. This vulnerability is fixed...
UBUNTU-CVE-2025-27111
Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline characters into the header, resulting in log injection. This vulnerability is fixed...
Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Summary Rack::Sendfile can be exploited by crafting input that includes newline characters to manipulate log entries. Details The Rack::Sendfile middleware logs unsanitized header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline...
GHSA-8CGQ-6MH2-7J6V Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection
Summary Rack::Sendfile can be exploited by crafting input that includes newline characters to manipulate log entries. Details The Rack::Sendfile middleware logs unsanitized header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences such as newline...