2988 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-3964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZ...
Linux Distros Unpatched Vulnerability : CVE-2020-35112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user downloaded a file lacking an extension on Windows, and then Open-ed it from the downloads panel, if there was an executable file in the downloads...
Linux Distros Unpatched Vulnerability : CVE-2018-1305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only...
CVE-2025-8733
Last updated 28 August 2025...
CVE-2025-45765
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...
CVE-2025-50952
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-8578
Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-54799
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
CVE-2025-54798
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...
Linux Distros Unpatched Vulnerability : CVE-2024-38633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: max3100: Update uartdriverregistered on driver removal The removal of the last MAX3100 device triggers the removal of the driver. However, code doesn't...
Linux Distros Unpatched Vulnerability : CVE-2025-23132
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: quota: fix to avoid warning in dquotwritebackdquots F2FS-fs dm-59: checkpoint=enable has some unwritten data. ------------ cut here ------------ WARNING:...
Linux Distros Unpatched Vulnerability : CVE-2025-38326
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aoe: clean device rqlist in aoedevdowndev An aoe device's rqlist contains accepted block requests that are waiting to be transmitted to the aoe target. This que...
Linux Distros Unpatched Vulnerability : CVE-2024-39484
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mmc: davinci: Don't strip remove function when driver is builtin Using exit for the remove function results in the remove callback being discarded with...
Linux Distros Unpatched Vulnerability : CVE-2020-15673
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corruption and we presum...
Linux Distros Unpatched Vulnerability : CVE-2025-7657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2025-47908
Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers ACRH header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt...
CVE-2025-45766
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is...
CVE-2025-8556
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange...