Linux Distros Unpatched Vulnerability : CVE-2016-3672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easi...

Linux Distros Unpatched Vulnerability : CVE-2017-13745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion abort in the function jpcdecprocesssot in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by...

Linux Distros Unpatched Vulnerability : CVE-2017-12598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenCV Open Source Computer Vision Library through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in...

Linux Distros Unpatched Vulnerability : CVE-2017-6472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was...

Linux Distros Unpatched Vulnerability : CVE-2015-9284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The request phase of the OmniAuth Ruby gem 1.9.1 and earlier is vulnerable to Cross-Site Request Forgery when used as part of the Ruby on Rails framework,...

Linux Distros Unpatched Vulnerability : CVE-2018-1000164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in processheaders function in...

Linux Distros Unpatched Vulnerability : CVE-2014-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service memory...

Linux Distros Unpatched Vulnerability : CVE-2015-5600

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a...

Linux Distros Unpatched Vulnerability : CVE-2015-6832

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/splarray.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allo...

Linux Distros Unpatched Vulnerability : CVE-2020-35357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a...

Linux Distros Unpatched Vulnerability : CVE-2015-4598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...

Linux Distros Unpatched Vulnerability : CVE-2021-20294

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffe...

Linux Distros Unpatched Vulnerability : CVE-2016-5300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context- dependent attackers to cause a denial of service CPU...

Linux Distros Unpatched Vulnerability : CVE-2019-8726

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows...

Linux Distros Unpatched Vulnerability : CVE-2018-20217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryptio...

Linux Distros Unpatched Vulnerability : CVE-2019-2024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution...

PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions

CVE-2025-1889 Summary Picklescan fails to detect hidden pickle files embedded in PyTorch model archives due to its reliance on file extensions for detection. This allows an attacker to embed a secondary, malicious pickle file with a non-standard extension inside a model archive, which remains...

CVE-2025-1868

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...

CVE-2025-1868

CVE-2025-1868 describes an NTLM leakage vulnerability in Famatech’s Advanced IP Scanner and Advanced Port Scanner. When a network scan is initiated, the tools may emit the NTLM hash of the scanning user, enabling an attacker to intercept traffic to a legitimate or fake server to extract the user ...

CVE-2025-1868 Information display on multiple products from Famatech Corp

Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...