1626 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-17527
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2020-11762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the...
Linux Distros Unpatched Vulnerability : CVE-2018-5336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the...
Linux Distros Unpatched Vulnerability : CVE-2017-14977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table...
Linux Distros Unpatched Vulnerability : CVE-2015-7810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files (CVE-2015-7810) Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2012-3160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality...
Linux Distros Unpatched Vulnerability : CVE-2012-4025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a...
Linux Distros Unpatched Vulnerability : CVE-2017-13688
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). (CVE-2017-13688) Note that Nessus relies on the presence of the package ...
Linux Distros Unpatched Vulnerability : CVE-2018-20365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibRaw::raw2image in librawcxx.cpp has a heap-based buffer overflow. (CVE-2018-20365) Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2017-2616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this fl...
Linux Distros Unpatched Vulnerability : CVE-2019-11098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or...
Linux Distros Unpatched Vulnerability : CVE-2016-6322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deploy...
Linux Distros Unpatched Vulnerability : CVE-2019-18677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used because the appended characters do not properly interact with...
Linux Distros Unpatched Vulnerability : CVE-2014-1387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.6 and 7.x before 7.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2015-1380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body. (CVE-2015-1380) Note that Nessus relie...
Linux Distros Unpatched Vulnerability : CVE-2018-14882
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882) Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2020-16308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2019-16276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. (CVE-2019-16276) Note that Nessus relies on the presence of the package as reported by th...
Linux Distros Unpatched Vulnerability : CVE-2021-29470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in...
Linux Distros Unpatched Vulnerability : CVE-2015-3409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working...