80 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-10978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffi...
Linux Distros Unpatched Vulnerability : CVE-2026-9948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Views in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perfor...
Linux Distros Unpatched Vulnerability : CVE-2026-45064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-45064 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
CVE-2026-1403
Removed by vendor...
CVE-2022-50397
Removed by vendor...
CVE-2025-8672
Removed by vendor...
Linux Distros Unpatched Vulnerability : CVE-2024-39465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfsremoverecursive is called...
PT-2025-103: Deserialization of untrusted data in FreeScout
The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to deserialize data, instantiate arbitrary objects and alter their properties, causing severe disruption of the system. Vulnerability status: Confirmed by vendor Date of vulnerability...
Winzip for Mac SEoL (8.0.x)
According to its version, Winzip For Mac is 8.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...
Linux Distros Unpatched Vulnerability : CVE-2024-35826
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: Fix page refcounts for unaligned buffers in bioreleasepages Fix an incorrect number of pages being released for buffers that do not start at the beginnin...
PT-2025-12: Deserialization of Untrusted Data in HTML2PDF
The vulnerability was identified in HTML2PD, version 5.3.0. The discovered vulnerability allows an attacker to create objects of arbitrary classes, fully controlling their properties, thus modify the logic of the web application. Vulnerability status: Confirmed by vendor Date of vulnerability...
Mozilla Thunderbird SEoL (68.x)
According to its version, Mozilla Thunderbird version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may...
Mozilla Firefox SEoL (38.x)
According to its version, Mozilla Firefox version install on the remote host has reached end of support. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may conta...
PT-2024-66: Unauthorized Reflected XSS in PhpSpreadsheet (Currency.php)
The vulnerability was identified in PhpSpreadsheet, versions = 3.0.0, = 2.0.0, = 2.2.0, = 3.0.0, = 2.0.0, = 2.2.0, = 2.3.4 to 2.3.5 or higher Additional information: Researcher: Aleksey Solovev Positive Technologies...
PT-2024-72: Weakness of password policy in Password Pusher
The vulnerability was identified in Password Pusher versions prior to 1.49.0. The application allows users to set weak and easily bruteforced passwords. The discovered vulnerability allows attackers to bruteforce the password and gain access to the application with privileges of the corresponding...
PT-2024-09: Creating arbitrary files during project creation in PT Application Inspector (PT AI)
The vulnerability was identified in PT AI affecting versions 4.3.1 to 4.7.2. The vulnerability can be exploited by an attacker with network access to the PT AI control server to create arbitrary files without the ability to overwrite existing files. Exploitation of the vulnerability requires...
Canonical Ubuntu Linux SEoL (15.10.x)
According to its version, Canonical Ubuntu Linux is 15.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL...
PT-2024-26: Improper Authorization leads to web administration interface access in UniPORT E-slip
The vulnerability was identified in UniPORT E-slip 1.4.0.0 and lower. The discovered vulnerability is caused by insufficient input data validation. It can be exploited by an attacker to gain access to the application administration web-interface. The vulnerability is unexploitable in versions...
PT-2024-03: Vulnerability of reading internal application files in OpenKeychain
The vulnerability was identified in OpeKeychain v.5.8.2 58902. It allows a potential attacker to read any files available to an application including from the application sandbox and save files to external storage. The vulnerability is caused by insufficient filtering of input parameters...
CVE-2023-35073
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...