1417 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-9894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. CVE-2019-9894 Note that Nessus relies o...
CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298 ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper...
CVE-2025-55298
ImageMagick vulnerability CVE-2025-55298 is caused by a format string bug in InterpretImageFilename where un-sanitized user input is passed to FormatLocaleString, enabling potential heap overflow or remote code execution due to memory overwrite. Affected releases before patches include ImageMagic...
CVE-2011-10023
MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...
CVE-2010-20123
The CVE-2010-20123 entry concerns Steinberg MyMP3Player (version 3.0, build 3.0.0.67). It describes a stack-based buffer overflow triggered while parsing .m3u playlist files, due to improper validation of input length in the playlist data. The vulnerability allows an attacker to overwrite memory ...
Linux Distros Unpatched Vulnerability : CVE-2023-53065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput...
ROS-20250813-11
A vulnerability in the SMM component of AMD GPU firmware is related to incorrect processing of some special address ranges with invalid entries in the device table DTE. device table entries DTE. Exploitation of the vulnerability could allow an attacker to escalate privileges on the system A...
Linux Distros Unpatched Vulnerability : CVE-2021-42252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspee...
Linux Distros Unpatched Vulnerability : CVE-2022-48940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to incorrect copymapvalue When both bpfspinlock and bpftimer are present ...
CVE-2012-10023
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long...
CVE-2012-10023
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long...
CVE-2012-10035 Turbo FTP Server 1.30.823/826 PORT Command Buffer Overflow
Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges...
CVE-2012-10023 FreeFloat FTP Server USER Command Buffer Overflow
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long...
Linux Distros Unpatched Vulnerability : CVE-2024-35798
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race in readextentbufferpages There are reports from tree-checker that detects...
CVE-2014-125122
A stack-based buffer overflow vulnerability exists in the tmUnblock.cgi endpoint of the Linksys WRT120N wireless router. The vulnerability is triggered by sending a specially crafted HTTP POST request with an overly long TMBlockURL parameter to the endpoint. By exploiting this flaw, an...
easy-linux-pwn
This is a set of Linux binary exploitation tasks for beginners on various architectures. The tasks are designed to be solved using a suggested approach, even if there are other easier ways. The tasks assume a dynamically linked libc with a known binary and require the use of ROP Return-Oriented...
TencentOS Server 3: nginx:1.20 (TSSA-2022:0016)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0016 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...