Linux Distros Unpatched Vulnerability : CVE-2022-49271
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: prevent bad output lengths in smb2_ioctl_query_info When calling smb2_ioctl_query_info with smb_query_info::flags=PASSTHRU_FSCTL and...
Linux Distros Unpatched Vulnerability : CVE-2022-48651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the...
Linux Distros Unpatched Vulnerability : CVE-2024-26960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache and swapoff There was previously a theoretical...
Linux Distros Unpatched Vulnerability : CVE-2024-26925
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should...
Linux Distros Unpatched Vulnerability : CVE-2024-27057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend When the system is suspended while audio is active, the sof_ipc4_pcm_hw_free is invoked to...
CVE-2025-1955
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...
RUSTSEC-2025-0011 `openpgp-card-sequoia` is unmaintained.
The openpgp-card-sequoia crate is no longer actively maintained. You can use the openpgp-card-rpgp crate for OpenPGP card client functionality instead...
CVE-2025-1814
A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotel...
PT-2025-9700 · Softwarex · Softwarex
Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 6.7.0 Description: The issue allows for path traversal, which may enable remote code execution using a privileged account, requiring a device admin account. This cannot be performed by a regular user. In combinatio...
Linux Distros Unpatched Vulnerability : CVE-2014-9751
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6...
Linux Distros Unpatched Vulnerability : CVE-2012-0217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and...
Linux Distros Unpatched Vulnerability : CVE-2011-0543
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypas...
CVE-2025-27413
PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal ../ sequences. This is problematic for the template update functionality as it uses the path from the...
CVE-2025-27413
Summary of CVE-2025-27413 (PwnDoc) : Prior to version 1.2.0, PwnDoc’s backup restore functionality accepts raw data containing Path Traversal sequences (../). The template update process uses the database path to write content, which can overwrite source code and enable Remote Code Execution (RCE...
CVE-2025-24316
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...
CVE-2025-24316 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Exposure of Sensitive Information Due to Incompatible Policies
The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to unsafe functionality...
CVE-2025-24316
CVE-2025-24316 affects the Dario Health Internet-based server infrastructure. The issue is exposure of development environment details, leading to unsafe functionality as described in the CVE entry and corroborated by multiple sources (NVD, Red Hat, CIRCL, PT Security, and CISA ICS advisory). CVS...
CVE-2022-25773
This advisory addresses a file placement vulnerability that could allow assets to be uploaded to unintended directories on the server. Improper Limitation of a Pathname to a Restricted Directory: A vulnerability exists in the asset upload functionality that allows users to upload files to...
Dario Health Security Vulnerability
Dario Health is a software from Dario Health that provides digital health solutions for patients with chronic conditions. Dario Health has a security vulnerability that stems from the exposure of development environment details that could lead to unsafe functionality...