1871 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-21896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Use After Free vulnerability in svgdevtextspanaspathsdefs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cau...
Linux Distros Unpatched Vulnerability : CVE-2017-9111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2015-8374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information...
Linux Distros Unpatched Vulnerability : CVE-2018-5332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel through 3.2, the rdsmessageallocsgs function does not validate a value that is used during DMA page allocation, leading to a heap-based...
Linux Distros Unpatched Vulnerability : CVE-2018-16640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. CVE-2018-16640 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2019-2692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult ...
Linux Distros Unpatched Vulnerability : CVE-2017-6467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file. This was addressed in...
Linux Distros Unpatched Vulnerability : CVE-2018-19134
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this...
Linux Distros Unpatched Vulnerability : CVE-2019-9208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. This was addressed in epan/dissectors/asn1/tcap/tcap.cnf by avoiding NULL point...
Linux Distros Unpatched Vulnerability : CVE-2016-9533
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tifpixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka PixarLog horizontalDifference...
Linux Distros Unpatched Vulnerability : CVE-2017-5503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The decclnpass function in libjasper/jpc/jpct1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service invalid memory write and crash or...
Linux Distros Unpatched Vulnerability : CVE-2017-9197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a cannot be represented in type int issue in input-tga.c:498:55. CVE-2017-9197 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2017-9735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapse...
Linux Distros Unpatched Vulnerability : CVE-2013-1732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird...
Linux Distros Unpatched Vulnerability : CVE-2017-12894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookupbytestring. CVE-2017-12894 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2019-10171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be...
Linux Distros Unpatched Vulnerability : CVE-2013-2924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in International Components for Unicode ICU, as used in Google Chrome before 30.0.1599.66 and other products, allows remote attacke...
Linux Distros Unpatched Vulnerability : CVE-2016-2523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dnp3alprocessobject function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote...
Linux Distros Unpatched Vulnerability : CVE-2020-8450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a...
Linux Distros Unpatched Vulnerability : CVE-2012-2663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewa...