Linux Distros Unpatched Vulnerability : CVE-2021-33622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. CVE-2021-33622 Note that Nessus relies...

EUVD-2018-1911

Malware in sbrugna...

EUVD-2022-3932

Malicious code in bioql PyPI...

CVE-2024-49195

Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair...

CVE-2024-49195

Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair...

MediaWiki Cargo 安全漏洞

MediaWiki Cargo is an extension of the American Wikimedia MediaWiki Foundation. A security vulnerability exists in MediaWiki Cargo version 3.6.X prior to 3.6.1, which stems from the presence of a SQL injection vulnerability...

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 3.6.X prior to 3.6.1, which stems from the...

Samba read_nttrans_ea_list Integer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/struct2' class MetasploitModule 'Samba readnttransealist Integer Overflow', 'Description' = %q Integer overflow in the readnttransealist function in nttrans...

PT-2024-11728 · Northern.Tech · Mender

Name of the Vulnerable Software and Affected Versions: Northern.tech Mender versions 3.3.x through 3.3.1 Northern.tech Mender versions 3.4.x through 3.4.0 Northern.tech Mender versions 3.5.x through 3.5.0 Northern.tech Mender versions 3.6.x through 3.6.0 Description: The issue is related to...

CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

PT-2023-6128 · Wireshark +4 · Wireshark +4

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.16 Wireshark versions 4.0.0 through 4.0.8 Description: The issue is related to a memory leak in the RTPS dissector of Wireshark, which can be exploited to cause a denial of service. This can be achieved vi...

PT-2023-22077 · Nextcloud +2 · Nextcloud Desktop Client +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions 3.0.0 through 3.6.x Description: The Nextcloud Desktop Client synchronizes files from Nextcloud Server. A malicious server could exploit the client's trust in the server's certificate, leading to the encrypti...

SUSE CVE-2010-1214

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements...

SUSE CVE-2010-1215

Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement access to a content object through a SafeJSObjectWrapper aka SJOW wrapper, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging "access to an object...

SUSE CVE-2011-0066

Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mObserverList...

SilverStripe CSV Excel Macro Injection

In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and scripts, which may be executed if imported without sanitization into common software including Microsoft Excel. For example, the CSV data may contai...

DEBIAN-CVE-2022-0583

Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...

Python 2.7.x < 2.7.17, 3.5.x < 3.5.7, 3.6.x < 3.6.9, 3.7.x < 3.7.3 Information Disclosure Vulnerability (bpo-36216) - Windows

Python is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

MongoDB Log Spoofing Vulnerability (SERVER-50605)

MongoDB is prone to a log spoofing vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if descriptio...

CVE-2021-33622

Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value...