58825 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-23980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea,...
Linux Distros Unpatched Vulnerability : CVE-2022-42309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an...
Linux Distros Unpatched Vulnerability : CVE-2023-53161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic. CVE-2023-53161 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2020-12690
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when a...
Linux Distros Unpatched Vulnerability : CVE-2023-0842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xml2js version 0.4.23 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validat...
Linux Distros Unpatched Vulnerability : CVE-2018-6041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in navigation in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2018-16487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A prototype pollution vulnerability was found in lodash 4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying...
Linux Distros Unpatched Vulnerability : CVE-2025-38431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that...
Linux Distros Unpatched Vulnerability : CVE-2024-4994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions...
Linux Distros Unpatched Vulnerability : CVE-2018-6091
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Service Workers can intercept any request made by an or tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin...
Linux Distros Unpatched Vulnerability : CVE-2020-23226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple Cross Site Scripting XSS vulneratiblities exist in Cacti 1.2.12 in 1 reportsadmin.php, 2 dataqueries.php, 3 datainput.php, 4 graphtemplates.php, 5...
Linux Distros Unpatched Vulnerability : CVE-2022-28959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web...
Linux Distros Unpatched Vulnerability : CVE-2021-32728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature...
Linux Distros Unpatched Vulnerability : CVE-2016-1000346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be us...
Linux Distros Unpatched Vulnerability : CVE-2022-32746
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module,...
Linux Distros Unpatched Vulnerability : CVE-2017-15612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mistune.py in Mistune 0.7.4 allows XSS via an unexpected newline such as in java\nscript: or a crafted email address, related to the escape and autolink...
Linux Distros Unpatched Vulnerability : CVE-2018-16472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A prototype pollution attack in cached-path-relative versions =1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all...
Linux Distros Unpatched Vulnerability : CVE-2024-26143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using...
Linux Distros Unpatched Vulnerability : CVE-2022-42966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exponential ReDoS Regular Expression Denial of Service can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the...
Linux Distros Unpatched Vulnerability : CVE-2022-48566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in comparedigest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable...