Linux Distros Unpatched Vulnerability : CVE-2019-10191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to...

[SECURITY] [DSA 5987-1] unbound security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5987-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 27, 2025 https://www.debian.org/security/faq -...

Linux Distros Unpatched Vulnerability : CVE-2022-32983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. CVE-2022-32983 Note that Nessus relie...

Linux Distros Unpatched Vulnerability : CVE-2019-16791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS polic...

Linux Distros Unpatched Vulnerability : CVE-2019-19331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be process...

Linux Distros Unpatched Vulnerability : CVE-2018-10920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. CVE-2018-10920 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2017-9106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size...

Linux Distros Unpatched Vulnerability : CVE-2012-1191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to a...

Linux Distros Unpatched Vulnerability : CVE-2018-1110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service. CVE-2018-1110 Note that Nessus relies on the presenc...

Debian dla-4280 : libunbound-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4280 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4280-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2014-4883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS...

Linux Distros Unpatched Vulnerability : CVE-2024-42491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Asterisk is an open-source private branch exchange PBX. Prior to versions 18.24.3, 20.9.3, and 21.4.3 of Asterisk and versions 18.9-cert12 and 20.7-cert2 of...

Linux Distros Unpatched Vulnerability : CVE-2022-24793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications...

[SECURITY] Fedora 41 Update: uv-0.8.8-1.fc41

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

[SECURITY] Fedora 42 Update: uv-0.8.8-1.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

Linux Distros Unpatched Vulnerability : CVE-2020-12667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker- controlled server, aka an NXNSAttack issue. This is triggered...

Linux Distros Unpatched Vulnerability : CVE-2025-8262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file...

Linux Distros Unpatched Vulnerability : CVE-2023-6516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including...

@simplyjoe/private-package (=1.0.1), antra567 (=1.0.0) +1 more potentially affected by unknown CVE via lodashh (=0.0.1-security)

lodashh NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on lodashh and may be impacted: - @simplyjoe/private-package =1.0.1 - antra567 =1.0.0 - cfn-resolver-lib =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory:...

MAL-2025-17499 Malicious code in constant_resolver (npm)

The package constantresolver was found to contain malicious code...