1822 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-7126
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows...
Linux Distros Unpatched Vulnerability : CVE-2017-18018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options...
Linux Distros Unpatched Vulnerability : CVE-2017-12644
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadDCMImage in coders\dcm.c. CVE-2017-12644 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2017-17521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...
Linux Distros Unpatched Vulnerability : CVE-2021-28163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the...
Linux Distros Unpatched Vulnerability : CVE-2019-13050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver...
Linux Distros Unpatched Vulnerability : CVE-2013-1900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers,...
Linux Distros Unpatched Vulnerability : CVE-2012-0840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tables/aprhash.c in the Apache Portable Runtime APR library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions...
Linux Distros Unpatched Vulnerability : CVE-2017-15017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c. CVE-2017-15017 Note that Nessus relies on the presence ...
Linux Distros Unpatched Vulnerability : CVE-2019-8536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for...
Linux Distros Unpatched Vulnerability : CVE-2017-5495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of Quagga, 0.93 through 1.1.0, are vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga...
Linux Distros Unpatched Vulnerability : CVE-2016-2168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The reqcheckaccess function in the modauthzsvn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated...
Linux Distros Unpatched Vulnerability : CVE-2016-7867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class...
Linux Distros Unpatched Vulnerability : CVE-2017-4965
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PC...
Linux Distros Unpatched Vulnerability : CVE-2020-15654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are...
Linux Distros Unpatched Vulnerability : CVE-2017-3224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Shortest Path First OSPF protocol implementations may improperly determine Link State Advertisement LSA recency for LSAs with MaxSequenceNumber. According ...
Linux Distros Unpatched Vulnerability : CVE-2017-4966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PC...
Linux Distros Unpatched Vulnerability : CVE-2020-26559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device participating in the provisioning protocol to identify the...
Linux Distros Unpatched Vulnerability : CVE-2020-14339
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged...
Linux Distros Unpatched Vulnerability : CVE-2017-12617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the...