Linux Distros Unpatched Vulnerability : CVE-2024-35864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential UAF in smb2isvalidleasebreak Skip sessions that are being teared down status == SESEXITING to avoid UAF. CVE-2024-35864 Note that...

Linux Distros Unpatched Vulnerability : CVE-2022-49133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to...

Linux Distros Unpatched Vulnerability : CVE-2021-46238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC v1.1.0 was discovered to contain a stack overflow via the function gfnodegetname at scenegraph/basescenegraph.c. This vulnerability can lead to a program...

Linux Distros Unpatched Vulnerability : CVE-2023-34410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider...

Linux Distros Unpatched Vulnerability : CVE-2023-34872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service DoS crash via a crafted PDF file in...

Linux Distros Unpatched Vulnerability : CVE-2024-36461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine. CVE-2024-36461 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2024-24790

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true...

Linux Distros Unpatched Vulnerability : CVE-2023-6915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Null pointer dereference problem was found in idafree in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial ...

Linux Distros Unpatched Vulnerability : CVE-2023-27635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the...

Linux Distros Unpatched Vulnerability : CVE-2024-22122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix allows to configure SMS notifications. AT command injection occurs on Zabbix Server because there is no validation of Number field on Web nor on Zabbix...

Linux Distros Unpatched Vulnerability : CVE-2021-45949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampleddatafinish called from sampleddatacontinue and interp. CVE-2021-45949 Note...

Linux Distros Unpatched Vulnerability : CVE-2024-46835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Fix smatch static checker warning adev-gfx.imu.funcs could be NULL CVE-2024-46835 Note that Nessus relies on the presence of the package as reported...

WordPress plugin Simple Notification 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Linux Distros Unpatched Vulnerability : CVE-2022-38349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in...

PT-2025-14367

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel's switchdev notification chain has been resolved. The issue involved a blocking notification chain that used a read-write semaphore to protect the...

Linux Distros Unpatched Vulnerability : CVE-2022-47654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gfhevcreadspsbsinternal function of mediatools/avparsers.c:8261 CVE-2022-47654 Note th...

Linux Distros Unpatched Vulnerability : CVE-2024-35861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifssignalcifsdforreconnect Skip sessions that are being...

WordPress Simple Notification plugin <= 1.3 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Pham Van Tam in WordPress Plugin Simple Notification versions = 1.3...

aastocks.com Cross Site Scripting vulnerability OBB-4032463

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

52solution.com Cross Site Scripting vulnerability OBB-4032461

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...