1867 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-31916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds OOB memory write flaw was found in listdevices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A...
Linux Distros Unpatched Vulnerability : CVE-2020-7942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate...
Linux Distros Unpatched Vulnerability : CVE-2021-33286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NTFS-3G versions 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code executio...
Linux Distros Unpatched Vulnerability : CVE-2022-22823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. CVE-2022-22823 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2022-39955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OWASP ModSecurity Core Rule Set CRS is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates...
Linux Distros Unpatched Vulnerability : CVE-2022-38752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker m...
Linux Distros Unpatched Vulnerability : CVE-2024-3119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions...
Linux Distros Unpatched Vulnerability : CVE-2024-32658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5....
Linux Distros Unpatched Vulnerability : CVE-2022-4510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an...
Linux Distros Unpatched Vulnerability : CVE-2022-48714
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 kasan, vmalloc:...
Linux Distros Unpatched Vulnerability : CVE-2024-27397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout Add a timestamp field at...
Linux Distros Unpatched Vulnerability : CVE-2022-3970
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tifgetimage.c. The...
Linux Distros Unpatched Vulnerability : CVE-2021-36370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor...
Linux Distros Unpatched Vulnerability : CVE-2022-49599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its...
Linux Distros Unpatched Vulnerability : CVE-2022-1353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to...
Linux Distros Unpatched Vulnerability : CVE-2022-2344
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. CVE-2022-2344 Note that Nessus relies on the presence of the package as reported by t...
Linux Distros Unpatched Vulnerability : CVE-2024-31578
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the avhwframectxinit function. CVE-2024-31578 Note that Nessus relies on the presence ...
Linux Distros Unpatched Vulnerability : CVE-2024-26679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror inetrecverror is called without holding the...
Linux Distros Unpatched Vulnerability : CVE-2024-47723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jfs: fix out-of-bounds in dbNextAG and diAlloc In dbNextAG , there is no check for the case where bmp-dbnumag is greater or same than MAXAG due to a polluted...
Linux Distros Unpatched Vulnerability : CVE-2022-25896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed. CVE-2022-25896 Note that...