2988 matches found
GHSA-7F6C-8CHX-2VM5 vulnerabilities
Vulnerabilities for packages: openjdk...
CVE-2018-2678 vulnerabilities
Vulnerabilities for packages: openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-26-openj9, openjdk-17-openj9...
CVE-2016-3503 vulnerabilities
Vulnerabilities for packages: openjdk-21-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-25-openj9, openjdk-26-openj9, openjdk-17-openj9...
CVE-2025-38647
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: sar: drop lockdep assertion in rtw89setsarfromacpi The following assertion is triggered on the rtw89 driver startup. It looks meaningless to hold wiphy lock on the early init stage so drop the assertion. WARNING: CPU...
CVE-2025-38646
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band With a quite rare chance, RX report might be problematic to make SW think a packet is received on 6 GHz band even if the chip does not suppo...
CVE-2025-38639
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...
CVE-2025-38635
In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...
CVE-2025-38666
In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, then re-acquires the lock. During that window an expire timer thread...
CVE-2025-9300
A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixeldebugprintpalette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit...
Linux Distros Unpatched Vulnerability : CVE-2020-36420
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This...
CVE-2024-10219 vulnerabilities
Vulnerabilities for packages: gitlab-runner, gitlab-runner-fips...
Linux Distros Unpatched Vulnerability : CVE-2018-14642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buff...
Linux Distros Unpatched Vulnerability : CVE-2019-2946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior...
Linux Distros Unpatched Vulnerability : CVE-2025-54874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data...
Linux Distros Unpatched Vulnerability : CVE-2020-26137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the...
Linux Distros Unpatched Vulnerability : CVE-2019-5739
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated...
Linux Distros Unpatched Vulnerability : CVE-2020-22217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow vulnerability in c-ares before 1161 thru 1170 via function aresparsesoareply in aresparsesoareply.c. CVE-2020-22217 Note that Nessus relies on t...
CVE-2025-8042
Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability was fixed in Firefox 141...
CVE-2025-8041
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...
Linux Distros Unpatched Vulnerability : CVE-2024-11738
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service panic via a fragmented TLS ClientHello message. CVE-2024-11738...