Linux Distros Unpatched Vulnerability : CVE-2020-36465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes. CVE-2020-36465 Not...

Linux Distros Unpatched Vulnerability : CVE-2018-19871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. CVE-2018-19871 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2018-20725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability exists in graphtemplates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertic...

Linux Distros Unpatched Vulnerability : CVE-2020-18428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service DOS. CVE-2020-18428...

openSUSE Security Advisory (SUSE-SU-2025:02977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

devalue prototype pollution vulnerability

devalue.parse allows proto to be set A string passed to devalue.parse could represent an object with a proto property, which would assign a prototype to an object while allowing properties to be overwritten: js class Vector constructorx, y this.x = x; this.y = y; get magnitude return this.x 2 +...

GHSA-VJ54-72F3-P5JV devalue prototype pollution vulnerability

devalue.parse allows proto to be set A string passed to devalue.parse could represent an object with a proto property, which would assign a prototype to an object while allowing properties to be overwritten: js class Vector constructorx, y this.x = x; this.y = y; get magnitude return this.x 2 +...

Linux Distros Unpatched Vulnerability : CVE-2023-38621

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to...

Linux Distros Unpatched Vulnerability : CVE-2023-38620

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to...

SUSE CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

CVE-2025-29366

An array overflow vulnerability has been discovered in Mupen64Plus, where out-of-bounds writes can overwrite function pointers in the host machine’s memory. This flaw enables a maliciously crafted input to escape the virtualized environment and achieve arbitrary command execution on the host syst...

PT-2025-34575 · Unknown · Givanz Vvveb

Name of the Vulnerable Software and Affected Versions: givanz Vvveb versions up to 1.0.7.2 Description: A weakness exists in givanz Vvveb that allows for unrestricted file upload. The issue is located in an unknown function within the /system/traits/media.php file. Manipulation of the files...

Vvveb 安全漏洞

Vvveb is a powerful and easy-to-use CMS from Givan Personal Developers for building websites, blogs or e-commerce stores. A security vulnerability exists in Vvveb version 1.0.7.2 and earlier, which stems from the incorrect operation of the parameter files in the /system/traits/media.php file...

CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

DEBIAN-CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

UBUNTU-CVE-2025-29366

In mupen64plus v2.6.0 there is an array overflow vulnerability in the writerdramregs and writerdramregs functions, which enables executing arbitrary commands on the host machine...

CVE-2025-38652 f2fs: fix to avoid out-of-boundary access in devs.path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...

CVE-2025-9340

CVE-2025-9340 is an Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java—BC-FJA 2.1.0 (API modules), affecting the file org/bouncycastle/jcajce/provider/BaseCipher. IBM security bulletins confirm this issue alongside CVE-2025-9341 and tie the impact to BC-F...

Mupen64Plus 安全漏洞

Mupen64Plus is an open source console emulator from Mupen64Plus. A security vulnerability exists in Mupen64Plus version 2.6.0, which stems from an array overflow in the writerdramregs function that could lead to the execution of arbitrary commands...