PT-2025-33818 · Unknown · Screenshot-Desktop

Name of the Vulnerable Software and Affected Versions: screenshot-desktop versions prior to 1.15.2 Description: screenshot-desktop is susceptible to a command injection issue. User-controlled input provided to the format option of the screenshot function is interpolated into a shell command witho...

ROS-20250819-09

Vulnerability of libxml2 library's xmlSchematronFormatReport function is related to reading data outside of the buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted XML file Vulnerability in the...

Linux Distros Unpatched Vulnerability : CVE-2019-12493

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace...

Linux Distros Unpatched Vulnerability : CVE-2009-3608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF,...

Amazon Linux 2 : gstreamer-plugins-bad-free (ALAS-2025-2972)

The version of gstreamer-plugins-bad-free installed on the remote host is prior to 0.10.23-42. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2972 advisory. Integer overflow leading to heap overwrite in MXF file handling with uncompressed video NOTE:...

Linux Distros Unpatched Vulnerability : CVE-2009-3604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocat...

Linux Distros Unpatched Vulnerability : CVE-2016-7406

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the 1 username or 2...

CVE-2025-38528

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject %p% format string in bprintf-like helpers static const char fmt = "%p%"; bpftraceprintkfmt, sizeoffmt; The above BPF program isn't rejected and causes a kernel warning at runtime: Please remove unsupported %\x00 in...

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0 Vulnerability Details CVEID:CVE-2025-48379 DESCRIPTION: Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large 64k encoded with...

Linux Distros Unpatched Vulnerability : CVE-2023-33733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file. CVE-2023-33733 Note that Nessus relies on the presence of t...

Linux Distros Unpatched Vulnerability : CVE-2025-2761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

Linux Distros Unpatched Vulnerability : CVE-2018-6142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array bounds check failure in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...

Linux Distros Unpatched Vulnerability : CVE-2022-43598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially craft...

Linux Distros Unpatched Vulnerability : CVE-2024-28578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the Load function when reading image...

Linux Distros Unpatched Vulnerability : CVE-2018-1999012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a...

Linux Distros Unpatched Vulnerability : CVE-2020-35655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled...

Linux Distros Unpatched Vulnerability : CVE-2025-48072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 i...

Linux Distros Unpatched Vulnerability : CVE-2020-10379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. CVE-2020-10379 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2017-15185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbisblockclear function with uninitialized data upon detection of invalid input, which allows remote...

Passive Hack-Back Strategies for Cyber Attribution: Covert Vectors in Denied Environment

Attributing cyberattacks remains a central challenge in modern cybersecurity, particularly within denied environments where defenders have limited visibility into attacker infrastructure and are restricted by legal or operational rules of engagement. This perspective examines the strategic value ...