Linux Distros Unpatched Vulnerability : CVE-2013-0166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCS...
Linux Distros Unpatched Vulnerability : CVE-2012-2934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen 4.0, and 4.1, when running a 64-bit PV guest on older AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS...
Linux Distros Unpatched Vulnerability : CVE-2017-13764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length...
Linux Distros Unpatched Vulnerability : CVE-2017-13050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpkirtrpduprint. CVE-2017-13050 Note that Nessus relies on the presen...
Linux Distros Unpatched Vulnerability : CVE-2010-3410
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1825. Reason: This candidate is a duplicate of CVE-2010-1825. Notes: All CVE users shoul...
Linux Distros Unpatched Vulnerability : CVE-2010-3776
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before...
Linux Distros Unpatched Vulnerability : CVE-2011-1145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SQLDriverConnect function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the...
Linux Distros Unpatched Vulnerability : CVE-2011-4922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive...
Linux Distros Unpatched Vulnerability : CVE-2010-3771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank...
Linux Distros Unpatched Vulnerability : CVE-2011-0778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via...
Linux Distros Unpatched Vulnerability : CVE-2011-2999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle location as the name of a frame, which...
Linux Distros Unpatched Vulnerability : CVE-2010-1585
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14,...
Linux Distros Unpatched Vulnerability : CVE-2011-1657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/phpzip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2010-2387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vicious-extensions/ve-misc.c in GNOME Display Manager gdm 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8...
Linux Distros Unpatched Vulnerability : CVE-2007-4990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The swapchar2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2)...
CVE-2024-39931
Gogs through 0.13.0 allows deletion of internal files...
CVE-2019-17361
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host...
Qualys Cloud Platform 8.21.2 New Features
The upcoming release of the Qualys Cloud Platform VM, PC, version 8.21.2, includes several new features in Qualys Cloud Platform and support for multiple technologies in Qualys Policy Compliance. The 8.21.2 release is scheduled to go live on 16th Sept, 2019. See full 8.21.2 new features blog post...
On internal Unix host common security vulnerability description-vulnerability warning-the black bar safety net
Impact: Intruders can use this vulnerability to modify web pages and to obtain management rights on the host. Event description: In attacks on UNIX systems, intruders often use the following: rpc.ttdbserver, rpc.cmsd, rpc.statd/automountd, sadmind. The program of the Buffer Overflow vulnerability from...