Linux Distros Unpatched Vulnerability : CVE-2024-37794

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service DoS via a crafted SMT2 input file. CVE-2024-37794 Note that Nessus...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4761 more potentially affected by CVE-2025-50059 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-50059 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998135ht...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4761 more potentially affected by CVE-2025-30749 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30749 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11998139ht...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4761 more potentially affected by CVE-2025-30754 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.1)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30754 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11023285ht...

abracadabra (>=0.0.0 <=0.0.7), ac-solver (=0.1.0) +308 more potentially affected by CVE-2025-30167 via jupyter-core (>=4.10.0 <=5.8.0)

jupyter-core PYPI version =4.10.0, =0.0.0, =0.14.0.3, =1.0.0, =0.1.23, =0.20.0, =0.9.5, =0.1.0, =0.0.4, =1.0.1, =0.1.0, =1.0.1, =1.0.1, =1.0.14 and more Source cves: CVE-2025-30167 Source advisory: OSV:GHSA-33P9-3P43-82VQ...

CVE-2021-39362

An XSS issue was discovered in ReCaptcha Solver 5.7. A response from Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, or BestCaptchaSolver.com in setCaptchaCode is inserted into the DOM as HTML, resulting in full control over the user's browser by these servers...

CVE-2020-36402

Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLib2Interface::querySolver. NOTE: c39a5e2b7a3fabbf687f53a2823fc087be6c1a7e is cited in the OSV "fixed" field but does not have a code change...

Malicious code in eco-solver (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a8f7c5551c322952642a4ae7cfaa02b59bd51fd08667100bbcf22cda084b0e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3236 Malicious code in eco-solver (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a8f7c5551c322952642a4ae7cfaa02b59bd51fd08667100bbcf22cda084b0e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4759 more potentially affected by CVE-2025-30698 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30698 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728203htt...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4759 more potentially affected by CVE-2025-21587 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-21587 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728156htt...

ai.h2o:h2o-orc-parser (>=3.10.0.5 <=3.10.3.6), ai.hypergraph:kaliningraph-jvm (=0.2.1) +4759 more potentially affected by CVE-2025-30691 via org.graalvm.sdk:graal-sdk (>=22.0.0 <=24.0.0)

org.graalvm.sdk:graal-sdk MAVEN version =22.0.0, =3.10.0.5, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =1.1.0 and more Source cves: CVE-2025-30691 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-9728205htt...

Low: gsl

Issue Overview: GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation occurs. CVE-2024-50610 Affected Packages: gsl Issue Correction: Run dnf update gsl --releasever 2023.6.20250218...

acir (>=0.44.0 <=0.46.0), age (>=0.9.0 <=0.9.3) +115 more potentially affected by unknown CVE via pprof (>=0.10.1 <=0.13.0)

pprof CARGO version =0.10.1, =0.44.0, =0.9.0, =0.4.2, =0.1.0, =0.3.0, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.0.9, =0.1005.0, =0.44.0, =0.46.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-GW5W-5J7F-JMJJ...

OESA-2024-2361 gsl security update

The GNU Scientific Library GSL is a collection of routines for numerical analysis, written in C. Security Fixes: GSL GNU Scientific Library through 2.8 has an integer signedness error in gslsimansolvemany in siman/siman.c. When params.ntries is negative, incorrect memory allocation...

ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-discovery-server (>=0.5.0 <=0.5.24) +8567 more potentially affected by CVE-2024-47072 via com.thoughtworks.xstream:xstream (>=1.1.1 <=1.4.20)

com.thoughtworks.xstream:xstream MAVEN version =1.1.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =cloud-0.1, =0.0.1, =0.0.10, =0.0.10, =0.0.10, =0.2.2, =0.0.11, =0.8.38, =0.8.38, =0.8.38, =0.8.42 and more Source cves: CVE-2024-47072 Source advisory: OSV:GHSA-HFQ9-HGGM-C56Q...

ai.optfor:spring-openai-api (>=0.1.3 <=0.3.25), ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=1.0.0 <=1.4.0) +7524 more potentially affected by CVE-2024-38820 via org.springframework:spring-context (>=6.0.0 <=6.0.23)

org.springframework:spring-context MAVEN version =6.0.0, =0.1.3, =1.0.0, =1.0.0, =0.1.6, =0.0.2, =0.0.6, =0.0.6, =1.3.0, =4.6.18, =4.0.0, =1.0.0, =2.1.0.RELEASE, =2.1.2.RELEASE and more Source cves: CVE-2024-38820 Source advisory: OSV:GHSA-4GC7-5J7H-4QPH...

CVE-2024-45060

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting XSS vulnerability due to improper handling of input where a number is expected leading to formula injection. The code in in...

CVE-2024-45060

Summary (CVE-2024-45060) PhpSpreadsheet (PHPOffice) contains a cross-site scripting (XSS) vulnerability in a sample file. The issue arises when user-supplied input is concatenated directly into spreadsheet formulas in the 45_Quadratic_equation_solver.php script, enabling formula injection and Jav...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS through the discriminantFormula and r1Formula processes due to improper user input sanitization. An attacker can execute arbitrary JavaScript code by injecting malicious input into the POST parameters used in...