Linux Distros Unpatched Vulnerability : CVE-2024-9266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impact...

Linux Distros Unpatched Vulnerability : CVE-2026-24684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is...

Linux Distros Unpatched Vulnerability : CVE-2025-4090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox...

Linux Distros Unpatched Vulnerability : CVE-2026-24681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel callback after...

CVE-2026-24857

bulkextractor is a digital forensics exploitation tool. Starting in version 1.4, bulkextractor’s embedded unrar code has a heap‑buffer‑overflow in the RAR PPM LZ decoding path. A crafted RAR inside a disk image causes an out‑of‑bounds write in Unpack::CopyString, leading to a crash under ASAN and...

Linux Distros Unpatched Vulnerability : CVE-2026-0818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled...

Linux Distros Unpatched Vulnerability : CVE-2026-1504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted...

Command Injection

Overview runx is a runx - experiment manager for machine learning research Affected versions of this package are vulnerable to Command Injection in undisclosed functionality. According to the vendor, an attacker can execute arbitrary code, escalate privileges, cause denial of service, disclose...

Security Bulletin: NVIDIA runx - January 2026

A security issue was found in NVIDIA runx: https://github.com/NVIDIA/runx during End of Support, but prior to End of Life. As a result, NVIDIA has added an End of Life notice in the README. No patch will be released. Go to NVIDIA Product Security. Details The following table summarizes the...

Linux Distros Unpatched Vulnerability : CVE-2026-24882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

Linux Distros Unpatched Vulnerability : CVE-2026-22264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when...

Linux Distros Unpatched Vulnerability : CVE-2026-1484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the...

Linux Distros Unpatched Vulnerability : CVE-2026-22261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered i...

Linux Distros Unpatched Vulnerability : CVE-2026-1415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gfmediaexportwebvttmetadata of the file src/mediatools/mediaexport.c. The...

Linux Distros Unpatched Vulnerability : CVE-2026-22984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the...

Linux Distros Unpatched Vulnerability : CVE-2024-31884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pybind: Improper use of Pybind CVE-2024-31884 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable,...

Linux Distros Unpatched Vulnerability : CVE-2025-48884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Galette is a membership management web application for non profit organizations. In versions 1.1.5.2 and below, Galette's Document Type is vulnerable to...

Linux Distros Unpatched Vulnerability : CVE-2026-23952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Versions 14.10.1 and below have a NULL pointer dereference...

Linux Distros Unpatched Vulnerability : CVE-2026-23732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts cbData/remaining length and never validates...

Linux Distros Unpatched Vulnerability : CVE-2025-71105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 -----------...