2346 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-7169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in the FileUploadUpgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in...
Linux Distros Unpatched Vulnerability : CVE-2017-3226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature...
Linux Distros Unpatched Vulnerability : CVE-2016-7505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful...
Linux Distros Unpatched Vulnerability : CVE-2016-10187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. CVE-2016-10187 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2017-10792
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL Pointer Dereference in the function ll_insert of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the...
Linux Distros Unpatched Vulnerability : CVE-2019-9187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228 allows SSRF via the aggregate plugin. The impact also includes reading local files via fil...
Linux Distros Unpatched Vulnerability : CVE-2018-19838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack...
Linux Distros Unpatched Vulnerability : CVE-2018-10380
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. CVE-2018-10380 Note that Nessus relies ...
Linux Distros Unpatched Vulnerability : CVE-2016-9909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting (XSS) attacks by leveraging mishandling of the less than...
Linux Distros Unpatched Vulnerability : CVE-2014-10064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will blo...
Linux Distros Unpatched Vulnerability : CVE-2017-9129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wav_open_read function in frontend/input.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (large loop) via a...
Linux Distros Unpatched Vulnerability : CVE-2019-12108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for...
Linux Distros Unpatched Vulnerability : CVE-2017-9105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug m...
Linux Distros Unpatched Vulnerability : CVE-2018-14682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER macro for CHM decompression. CVE-2018-14682...
Linux Distros Unpatched Vulnerability : CVE-2017-8114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions before 1.0.11, 1.1.x before 1.1.9, and 1.2.x before 1.2.5. The...
Linux Distros Unpatched Vulnerability : CVE-2018-4261
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2,...
Linux Distros Unpatched Vulnerability : CVE-2019-16222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_bad_protocol_once in wp-includes/kses.php that can lead to cross-site scripting (XSS) attacks...
Linux Distros Unpatched Vulnerability : CVE-2024-11697
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led ...
Linux Distros Unpatched Vulnerability : CVE-2017-16805
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, related to...
Linux Distros Unpatched Vulnerability : CVE-2016-7649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before...