4730 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-2431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but...
Linux Distros Unpatched Vulnerability : CVE-2019-9518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an...
Linux Distros Unpatched Vulnerability : CVE-2019-7282
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The...
Linux Distros Unpatched Vulnerability : CVE-2022-31152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorizatio...
Linux Distros Unpatched Vulnerability : CVE-2023-53159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host. CVE-2023-53159 Note that Nessus relie...
Linux Distros Unpatched Vulnerability : CVE-2025-38497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage' sysfs attributes, the store functions...
Linux Distros Unpatched Vulnerability : CVE-2020-11998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contai...
CVE-2025-8342
The WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass due to insufficient empty value checking in the lwp_ajax_register function in all versions up to, and including, 1.8.47. This makes it possible for unauthenticated attackers to...
CVE-2025-54409
A flaw was found in AIDE. This vulnerability allows an attacker to crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user can exploit this issue to cause a local denial of...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from sched/ext calling update_locked_rq when rq is empty, which could result in a preemption warning...
Linux Distros Unpatched Vulnerability : CVE-2025-38092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: use list_first_entry_or_null for opinfo_get_list The list_first_entry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use...
Linux Distros Unpatched Vulnerability : CVE-2018-1000204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to...
Malicious code in test-mlw2-evets-empty (npm)
The package test-mlw2-evets-empty was found to contain malicious code...
MAL-2025-27360 Malicious code in new-empty-array (npm)
The package new-empty-array was found to contain malicious code...
MAL-2025-35298 Malicious code in test-mlw2-evets-empty (npm)
The package test-mlw2-evets-empty was found to contain malicious code...
Malicious code in new-empty-array (npm)
The package new-empty-array was found to contain malicious code...
CVE-2025-54409
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
DEBIAN-CVE-2025-54409
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
CVE-2025-54409 AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS)
AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a...
GHSA-F9F8-9PMF-XV68 Helm May Panic Due To Incorrect YAML Content
A Helm contributor discovered an improper validation of type error when parsing Chart.yaml and index.yaml files that can lead to a panic. Impact There are two areas of YAML validation that were impacted. First, when a Chart.yaml file had a null maintainer or the child or parent of a dependencies...