2346 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-56561
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix PCI domain ID release in pciepcdestroy pciepcdestroy invokes...
Linux Distros Unpatched Vulnerability : CVE-2017-17917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id'...
Linux Distros Unpatched Vulnerability : CVE-2014-9235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple SQL injection vulnerabilities in Zoph aka Zoph Organizes Photos 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands vi...
Linux Distros Unpatched Vulnerability : CVE-2024-57881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In...
Linux Distros Unpatched Vulnerability : CVE-2024-56374
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when...
Linux Distros Unpatched Vulnerability : CVE-2024-7534
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2025-1006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app...
Linux Distros Unpatched Vulnerability : CVE-2023-45666
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn't give guarantees about the content of output value...
Linux Distros Unpatched Vulnerability : CVE-2024-52510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed...
Linux Distros Unpatched Vulnerability : CVE-2024-50336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via...
Linux Distros Unpatched Vulnerability : CVE-2025-1020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so...
Linux Distros Unpatched Vulnerability : CVE-2018-8102
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service buffer over-read and application crash vi...
Linux Distros Unpatched Vulnerability : CVE-2025-21672
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the functi...
Linux Distros Unpatched Vulnerability : CVE-2024-57987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: check for NULL in btrtlsetuprealtek If insert an USB dongle which chip is...
Linux Distros Unpatched Vulnerability : CVE-2024-56691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mfd: intelsocpmicbxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correc...
Linux Distros Unpatched Vulnerability : CVE-2024-47879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross- site request forgery protection on the...
Linux Distros Unpatched Vulnerability : CVE-2025-27516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker...
Linux Distros Unpatched Vulnerability : CVE-2024-6221
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior...
Linux Distros Unpatched Vulnerability : CVE-2025-1915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a...
Linux Distros Unpatched Vulnerability : CVE-2024-49767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeu...