1487 matches found
CVE-2024-53307
A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload...
Advisory ROSA-SA-2025-2762
Software: python-jinja2 2.7.2
OS: rosa-server79
packageevrstring: python-jinja2-2.7.2-4.0.1.res7
CVE-ID: CVE-2024-56326
BDU-ID: 2025-00113
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the str.format method of the jinja html templating tool is related to the failure to neutralize special element...
CVE-2024-42733
An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input...
GHSA-VVJV-97J8-94XH
creationtimestamp | type | source
---|---|---
2025-03-06 19:38:16+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6732...
Linux Distros Unpatched Vulnerability : CVE-2023-45678
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in start_decoder because at maxim...
Linux Distros Unpatched Vulnerability : CVE-2023-45675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f->vendor[len] = (char)'\0';. The...
CVE-2024-53388
A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...
Linux Distros Unpatched Vulnerability : CVE-2021-34119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in htmldoc 1.9.12 in function parse_paragraph in ps-pdf.cxx; this flaw possibly allows code execution and a denial of service via ...
Linux Distros Unpatched Vulnerability : CVE-2022-25972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. A...
Linux Distros Unpatched Vulnerability : CVE-2022-2054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Code Injection in GitHub repository nuitka/nuitka prior to 0.9. CVE-2022-2054 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2015-8107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. CVE-2015-8107 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2016-2226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which...
Linux Distros Unpatched Vulnerability : CVE-2020-9806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari...
Linux Distros Unpatched Vulnerability : CVE-2019-12761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS...
Linux Distros Unpatched Vulnerability : CVE-2019-16255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in...
Linux Distros Unpatched Vulnerability : CVE-2011-2709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code...
Tenda AC6 Code Execution Vulnerability
The Tenda AC6 is a wireless router from the Chinese company Tenda. A code execution vulnerability exists in the Tenda AC6 that stems from the cmdinput parameter of the formexeCommand function failing to properly filter special elements of the constructed snippet. No details of the vulnerability a...
CVE-2022-49358 netfilter: nf_tables: memleak flow rule from commit path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: memleak flow rule from commit path. Abort path release flow rule object, however, commit path does not. Update code to destroy these objects before releasing the transaction...
CVE-2025-25790
An arbitrary file upload vulnerability in the component \controller\LocalTemplate.php of FoxCMS v1.2.5 allows attackers to execute arbitrary code via uploading a crafted Zip file...