23088 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). CVE-2020-36403 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2023-3649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file CVE-2023-3649 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2024-26134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to...
Linux Distros Unpatched Vulnerability : CVE-2024-28564
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service (DoS) via the Imf22::CharPtrIO::readCha...
Linux Distros Unpatched Vulnerability : CVE-2022-4639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet...
Linux Distros Unpatched Vulnerability : CVE-2023-36308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - disintegration Imaging 1.6.2 allows attackers to cause a panic because of an integer index out of range during a Grayscale call via a crafted TIFF file to the...
Linux Distros Unpatched Vulnerability : CVE-2018-1000052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in...
Linux Distros Unpatched Vulnerability : CVE-2024-42845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code...
Linux Distros Unpatched Vulnerability : CVE-2021-21900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dxf file can le...
Linux Distros Unpatched Vulnerability : CVE-2023-40551
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's...
Linux Distros Unpatched Vulnerability : CVE-2020-25614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at...
CGA-V9J4-97RJ-3R4X
Bulletin has no description...
CVE-2025-14553
creationtimestamp | type | source
---|---|---
2025-08-29 21:16:45+00:00 | seen | https://gist.github.com/Darkcrai86/4927207aa0e4ad68563e7bbeed90ec22
2026-01-09 02:01:06+00:00 | published-proof-of-concept | Telegram/9r3a4T582Uj-d8cAzOCMsayyXRdqw-Vs2IIS-Y7LNVntDY
2026-01-09 02:01:16+00:00 | seen | ...
CVE-2024-13984
creationtimestamp | type | source
---|---|---
2025-08-29 21:02:24+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lxkxf7jybe2p
2025-11-24 00:00:00+00:00 | seen | The Shadowserver honeypot/common-vulnerabilities - 2025-11-24
2026-06-23 14:03:57+00:00 | exploited | ...
DoS Vulnerability in ntpd-rs
Summary A denial of service vulnerability was discovered in ntpd-rs where an attacker can induce a message storm between two NTP servers running ntpd-rs. Details Since ntpd-rs version 1.2.0, when configured as a server, incorrectly responded to all NTP messages sent to the server's port with a ti...
CVE-2025-9670 mixmark-io turndown commonmark-rules.js redos
A security flaw has been discovered in mixmark-io turndown up to 7.2.1. This affects an unknown function of the file src/commonmark-rules.js. Performing manipulation results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released...
MAL-2025-41959 Malicious code in cookies-logger (npm)
The package cookies-logger was found to contain malicious code...
Security Bulletin: IBM Data Product Hub is affected by several vulnerabilities
Summary IBM Data Product Hub has dependencies on IBM Semeru, IBM WebSphere Application Server Liberty, Requests Python HTTP library, and Node.js Dompurify, Brace-expansion, Xmldom, Undici, and Form-data runtime modules, which are vulnerable. This bulletin contains information regarding the...
CVE-2025-44015
CVE-2025-44015 affects HybridDesk Station. The vulnerability is described as a command injection that can be exploited when an attacker has local network access to execute arbitrary commands. The available documents confirm the affected product and the underlying issue as command injection, with ...
CVE-2025-33033
CVE-2025-33033 affects QNAP Qsync Central. A path traversal vulnerability allows a remote attacker who has a user account to read unexpected files or system data. The issue is fixed in Qsync Central 4.5.0.7 and later (patch released around 2025-04-23). Affected versions prior to 4.5.0.7 should be...