2842 matches found

Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-38230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XPDF commit ffaf11c was discovered to contain a floating point exception FPE via DCTStream::decodeImage at /xpdf/Stream.cc. CVE-2022-38230 Note that Nessus reli...

CVSS 5.5, AI score 6.1, EPSS 0.00063
Exploits 1, References 2

Tenable Nessus
added 2025/08/30 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-10573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer...

CVSS 6.7, AI score 7.1, EPSS 0.00064
Exploits 0, References 2

Cvelist
added 2025/08/27 10:25 a.m., 4 views

CVE-2025-30064 Possibility to generate a session for any user via the "ex:action" parameter after obtaining access to the JWT key

An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to genera...

CVSS 8.8, EPSS 0.00013
Exploits 0, References 1

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-18430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service DOS. CVE-2020-18430...

CVSS 7.5, AI score 7.1, EPSS 0.00306
Exploits 1, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-53429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open62541 v1.4.6 has an assertion failure in fuzzbinarydecode, which leads to a crash. CVE-2024-53429 Note that Nessus relies on the presence of the package ...

CVSS 7.5, AI score 5.4, EPSS 0.00023
Exploits 0, References 2

Tenable Nessus
added 2025/08/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-29917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64...

CVSS 6.2, AI score 6.8, EPSS 0.0005
Exploits 0, References 3

CNNVD
added 2025/08/27 12:0 a.m., 2 views

CGM CLININET Security Vulnerability

CGM CLININET is a hospital information management system from CGM Germany. A security vulnerability exists in CGM CLININET that stems from the decodeParam function not verifying the signature algorithm, which could lead to the generation of arbitrary user sessions...

CVSS 8.8, AI score 6.3, EPSS 0.00013
Exploits 0, References 2

OSV
added 2025/08/26 11:15 p.m., 1 view

CVE-2025-0081

In dnglosslessdecoder::HuffDecode of dnglosslessjpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.5, AI score 5.9, EPSS 0.01247
Exploits 0, References 2

Vulnrichment
added 2025/08/25 2:17 p.m., 2 views

CVE-2025-46407

A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the...

CVSS 8.8, AI score 7.7, EPSS 0.00525
Exploits 1, References 1

Tenable Nessus
added 2025/08/25 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-17509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5Gentdecodevec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or...

CVSS 8.8, AI score 7.3, EPSS 0.00376
Exploits 0, References 2

Tenable Nessus
added 2025/08/25 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-9992

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the decodedds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, a...

CVSS 8.8, AI score 8.4, EPSS 0.01054
Exploits 0, References 2

Tenable Nessus
added 2025/08/25 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2018-12687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. CVE-2018-12687 Note that Nessus relies on the presence of the package as reported by the...

CVSS 7.5, AI score 7.1, EPSS 0.00366
Exploits 0, References 3

Tenable Nessus
added 2025/08/24 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-19761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an illegal address access at fromsixel.c function: sixeldecoderawimpl in libsixel 1.8.2 that will cause a denial of service. CVE-2018-19761 Note that...

CVSS 5.5, AI score 6.3, EPSS 0.00151
Exploits 1, References 2

OSV
added 2025/08/21 2:37 p.m., 1 view

GHSA-2464-8J7C-4CJM go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data

Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...

CVSS 5.3, AI score 6.9, EPSS 0.00009
Exploits 0, References 7

Tenable Nessus
added 2025/08/21 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw, an out-of-bounds read vulnerability exists within the simpledecoderow function libraw\src\x3f\x3futilspatched.cpp which can be triggered via an image...

CVSS 5.5, AI score 6, EPSS 0.00029
Exploits 1, References 2

Tenable Nessus
added 2025/08/21 12:0 a.m., 4 views

TencentOS Server 4: python3.11 (TSSA-2025:0531)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0531 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 5.9, AI score 6.5, EPSS 0.00209
Exploits 0, References 2

Tenable Nessus
added 2025/08/21 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35533

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibRaw, an out-of-bounds read vulnerability exists within the LibRaw::adobecopypixel function libraw\src\decoders\dng.cpp when reading data from the image...

CVSS 5.5, AI score 6.1, EPSS 0.00029
Exploits 0, References 2

SUSE Linux
added 2025/08/20 7:24 a.m., 7 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition bsc1139073. CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL...

CVSS 8.7, AI score 8.9, EPSS 0.00452
Exploits 16, References 1930

Tenable Nessus
added 2025/08/20 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-3804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated...

CVSS 7.5, AI score 7.1, EPSS 0.04307
Exploits 0, References 2

Tenable Nessus
added 2025/08/19 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2025-4516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler you...

CVSS 5.9, AI score 6.4, EPSS 0.00209
Exploits 0, References 2