4523 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-68178
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency...
Linux Distros Unpatched Vulnerability : CVE-2025-68263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic...
Linux Distros Unpatched Vulnerability : CVE-2022-50652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uio: uiodmemgenirq: Fix missing unlock in irq configuration Commit b74351287d4b uio: fix a sleep-in- atomic-context bug in uiodmemgenirqirqcontrol started calli...
Linux Distros Unpatched Vulnerability : CVE-2023-53798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since...
Linux Distros Unpatched Vulnerability : CVE-2022-50638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix bugon in estreesearch caused by bad boot loader inode We got a issue as fllows: ==================================================================...
Linux Distros Unpatched Vulnerability : CVE-2023-53858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: serial: samsungtty: Fix a memory leak in s3c24xxserialgetclk in case of error If clkgetrate fails, the clk that has just been allocated needs to be freed...
Linux Distros Unpatched Vulnerability : CVE-2025-14308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length o...
Linux Distros Unpatched Vulnerability : CVE-2025-14322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31,...
Linksys RE7000 Router Firmware <= 2.0.15_211230_1012 Buffer Overflow Vulnerability
Linksys RE7000 routers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Linux Distros Unpatched Vulnerability : CVE-2023-53860
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked...
Linux Distros Unpatched Vulnerability : CVE-2025-40303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task...
Linux Distros Unpatched Vulnerability : CVE-2023-53747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to consoleunlock in vcswrite the vcdata struct can be freed by...
Linux Distros Unpatched Vulnerability : CVE-2025-40310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - amd/amdkfd: resolve a race in amdgpuamdkfddevicefinisw There is race in amdgpuamdkfddevicefinisw and interrupt. if amdgpuamdkfddevicefinisw run in b/w...
Linux Distros Unpatched Vulnerability : CVE-2025-40218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/vaddr: do not repeat pteoffsetmaplock until success DAMON's virtual address space operation set implementation vaddr calls pteoffsetmaplock inside the...
Linux Distros Unpatched Vulnerability : CVE-2025-40240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb...
CVE-2025-66021 OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization
OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while protecting against XSS. In version 20240325.1, OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style...
Linux Distros Unpatched Vulnerability : CVE-2022-50557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbaybuildfunctions The...
Linux Distros Unpatched Vulnerability : CVE-2025-53042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and...
Tenda N300 Wi-Fi 4G LTE Router 4G03 Pro impacted by vulnerabilities
Overview A command injection vulnerability exists across multiple firmware versions that allows an attacker to execute arbitrary commands as root on the affected device. Currently, no solution exists to resolve these vulnerabilities in the Tenda N300 series and Tenda 4G03 Pro devices. Description...
PT-2025-46955
Name of the Vulnerable Software and Affected Versions Memos versions up to and including 0.18.1 Description Memos is a note-taking service that utilizes Access Tokens for application authentication. A flaw exists where Access Tokens remain valid even after a user changes their password. This mean...