5610 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-3016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function...
Linux Distros Unpatched Vulnerability : CVE-2025-3015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function...
Linux Distros Unpatched Vulnerability : CVE-2020-15705
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel...
Linux Distros Unpatched Vulnerability : CVE-2025-4664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
Linux Distros Unpatched Vulnerability : CVE-2024-38807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be...
Linux Distros Unpatched Vulnerability : CVE-2019-19638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function loadpnm at frompnm.c, due to an integer overflow. CVE-2019-1963...
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
Cybersecurity researchers have flagged a new phishing campaign that's using fake voicemails and purchase orders to deliver a malware loader called UpCrypter. The campaign leverages "carefully crafted emails to deliver malicious URLs linked to convincing phishing pages," Fortinet FortiGuard Labs...
Linux Distros Unpatched Vulnerability : CVE-2017-2900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.png'...
Linux Distros Unpatched Vulnerability : CVE-2017-2905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp'...
SUSE CVE-2025-38633
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: mark K1 pll1d8 as critical The pll1d8 clock is enabled by the boot loader, and is ultimately a parent for numerous clocks, including those used by APB and AXI buses. Guodong Xu discovered that this clock got disabl...
SUSE CVE-2023-46229
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
VulnCheck KEV: CVE-2023-46229
LangChain before 0.0.317 allows SSRF via documentloaders/recursiveurlloader.py because crawling can proceed from an external server to an internal server...
GNU GRUB Buffer Overflow Vulnerability
GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from a missing JPEG parser buffer boundary check, that can be exploited by an attacker to run arbitrary code in the context of an affected application and take contro...
GNU GRUB Buffer Overflow Vulnerability
GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which originates in the UFS module, where the program does not properly manage memory allocation and release when processing data, and can be exploited by an attacker to obtain...
@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @awesome-myst/myst-awesome (>=0.0.1 <=0.0.7) +7 more potentially affected by CVE-2025-55303 via astro (>=5.0.0-beta.5 <=5.13.10)
astro NPM version =5.0.0-beta.5, =1.0.0, =0.0.1, =0.0.1, =0.1.8, =0.0.1, =0.0.1, =1.249.8, =1.267.0 Source cves: CVE-2025-55303 Source advisory: SNYK:JS-ASTRO-12027668...
CVE-2025-9092
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by the PipeMagic malware, which we first...
Linux Distros Unpatched Vulnerability : CVE-2022-37603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Regular expression denial of service ReDoS flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable...
Linux Distros Unpatched Vulnerability : CVE-2019-19777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain. CVE-2019-19777 Note that...