421 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414504 advisory. A use-after-free vulnerability was found in rtsxusbmsdrvremove in drivers/memstick/host/rtsxusbms.c in memstick in the Linux kernel. In this flaw, a local attacker...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414668 advisory. In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers t...
EUVD-2024-55024
Malicious code in bioql PyPI...
QNAP Qsync Central 安全漏洞
QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by an attacker to prevent other systems, applications, o...
QNAP Qsync Central 代码问题漏洞
QNAP Qsync Central is a cloud-based file synchronization service on a NAS from Taiwan, China-based QNAP Technology QNAP. A code issue vulnerability exists in QNAP Qsync Central versions prior to 5.0.0.1 that stems from a null pointer dereference and could lead to a denial of service attack...
CVE-2024-48014
Dell BSAFE Micro Edition Suite, versions prior to 5.0.2.3 contain an Out-of-bounds Write vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service...
CVE-2025-4993
Untrusted Pointer Dereference vulnerability in RTI Connext Professional Core Libraries allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, from 6.0.0 before 6.0., from 5.3.0 before 5.3., from 4.4a...
CVE-2025-59689
Libraesva ESG 4.5 through 5.5.x before 5.5.7 allows command injection via a compressed e-mail attachment. For ESG 5.0 a fix has been released in 5.0.31. For ESG 5.1 a fix has been released in 5.1.20. For ESG 5.2 a fix has been released in 5.2.31. For ESG 5.4 a fix has been released in 5.4.8. For...
CVE-2025-9969 Reflected XSS in Vizly Web Design's Real Estate Packages
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Vizly Web Design Real Estate Packages allows Content Spoofing, CAPEC - 593 - Session Hijacking, CAPEC - 591 - Reflected XSS. This issue affects Real Estate Packages: before 5.1...
Linux Distros Unpatched Vulnerability : CVE-2011-1288
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application...
Linux Distros Unpatched Vulnerability : CVE-2019-2522
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and...
Linux Distros Unpatched Vulnerability : CVE-2022-4398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. CVE-2022-4398 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2022-1649
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be...
Linux Distros Unpatched Vulnerability : CVE-2022-0139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0. CVE-2022-0139 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2018-3298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easi...
Linux Distros Unpatched Vulnerability : CVE-2018-3291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. The supported version that is affected is Prior to 5.2.20. Easi...
Linux Distros Unpatched Vulnerability : CVE-2015-8235
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in Spiffy before 5.4. CVE-2015-8235 Note that Nessus relies on the presence of the package as reported by the vendor...
BIT-SUPERSET-2025-55674 Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions
A bypass of the DISALLOWEDSQLFUNCTIONS security feature in Apache Superset allows for the execution of blocked SQL functions. An attacker can use a special inline block to circumvent the denylist. This allows a user with SQL Lab access to execute functions that were intended to be disabled, leadi...
Linux Distros Unpatched Vulnerability : CVE-2022-1452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Read in rbinjavabootstrapmethodsattrnew function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past...
Linux Distros Unpatched Vulnerability : CVE-2019-20810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go7007sndinit in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call sndcardfree for a failure path, which causes a memory leak,...