3100 matches found

NVD
added 2025/03/11 1:15 a.m. | 6 views

CVE-2025-23185

Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical details of the application are revealed in exceptions thrown to the user and in stack traces. Only an attacker with administrator level privileges has access to this disclosed information, and they...

CVSS 4.1 | EPSS 0.00104
Exploits: 0 | References: 2

CNVD
added 2025/03/07 12:0 a.m. | 6 views

TOTOLINK A3002R static_gw parameter buffer overflow vulnerability

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3002R version V1.1.1-B20200824.0128, which stems from the static_gw parameter failing to correctly validate the length and size of the input data, and can be exploit...

CVSS 8 | AI score 8.1 | EPSS 0.00064
Exploits: 0 | References: 1

Packet Storm
added 2025/03/07 12:0 a.m. | 382 views

Drupal 7.2 XML Injection

Drupal version 7.2 XML external entity injection proof of concept exploit that demonstrates a vulnerability distributed in 2012. Title: Drupal 7.2 via...

CVSS 5 | AI score 7.6 | EPSS 0.55084
Exploits: 4

Packet Storm
added 2025/03/06 12:0 a.m. | 208 views

CZS CMS 1.3.0 Cross Site Request Forgery

CZS CMS version 1.3.0 suffers from a cross site request forgery vulnerability. Exploit Title: CZS CMS 1.3.0 - Cross Site Request Forgery CSRF Add Admin Date: 2024-05-03 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.cszcms.com Software Link:...

AI score 7
Exploits: 0

Tenable Nessus
added 2025/03/06 12:0 a.m. | 10 views

Linux Distros Unpatched Vulnerability : CVE-2024-56830

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present. CVE-2024-56830 Note that Nessus relie...

CVSS 5.4 | AI score 7.1 | EPSS 0.00231
Exploits: 0 | References: 1

Packet Storm
added 2025/03/06 12:0 a.m. | 225 views

WordPress W3 Total Cache 0.9.2.4 SQL Injection / Hash Disclosure

WordPress W3 Total Cache plugin version 0.9.2.4 remote exploit that leverages SQL injection to extract a user's name and password hash. Title: WordPress...

AI score 8.6
Exploits: 0

Tenable Nessus
added 2025/03/06 12:0 a.m. | 12 views

Linux Distros Unpatched Vulnerability : CVE-2025-26699

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are...

CVSS 7.5 | AI score 7.2 | EPSS 0.00287
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/06 12:0 a.m. | 15 views

Linux Distros Unpatched Vulnerability : CVE-2025-0291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

CVSS 8.8 | AI score 8.5 | EPSS 0.12088
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/05 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-4754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV. CVE-2023-4754 Note that Nessus relies on the presence of the package as reported by the...

CVSS 5.5 | AI score 5.5 | EPSS 0.00039
Exploits: 1 | References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-3896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 CVE-2023-3896 Note that Nessus relies on the presence of the package as reported by the vendor...

CVSS 7.8 | AI score 6.2 | EPSS 0.00475
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2022-49198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix crash due to tcp_tsorted_anchor was initialized before release skb Got crash when...

CVSS 5.5 | AI score 5.2 | EPSS 0.00133
Exploits: 0 | References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-27416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free. CVE-2022-27416 Note that Nessus relies on the presence of the package as reported ...

CVSS 7.8 | AI score 7.9 | EPSS 0.00173
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/05 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-0496

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access...

CVSS 5.5 | AI score 6.1 | EPSS 0.00131
Exploits: 1 | References: 3

CVE
added 2025/03/04 12:0 a.m. | 59 views

CVE-2025-1892

CVE-2025-1892 affects shishuocms 1.1. The vulnerability is in the Directory Deletion Page, specifically the /manage/folder/add.json function. Manipulating the folderName argument triggers cross-site scripting (XSS). It is exploitable remotely and the exploit has been disclosed publicly. Multiple ...

CVSS 4.8 | AI score 6.3 | EPSS 0.00032
Exploits: 1 | References: 4 | Affected Software: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-11535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...

CVSS 6.5 | AI score 7.3 | EPSS 0.00426
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2020-9431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc....

CVSS 7.5 | AI score 7.4 | EPSS 0.04372
Exploits: 1 | References: 3

Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2018-19108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer...

CVSS 6.5 | AI score 6.4 | EPSS 0.02159
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-9115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code. CVE-2017-9115...

CVSS 8.8 | AI score 8.1 | EPSS 0.02756
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2017-12187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly execute...

CVSS 9.8 | AI score 7.5 | EPSS 0.00843
Exploits: 0 | References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2013-4420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to...

CVSS 5.8 | AI score 6.4 | EPSS 0.00376
Exploits: 0 | References: 2