Linux Distros Unpatched Vulnerability : CVE-2022-27939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in getlayer4v6 in common/get.c. CVE-2022-27939 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2022-34568

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SDL v1.2 was discovered to contain a use-after-free via the XFree function at /src/video/x11/SDLx11yuv.c. CVE-2022-34568 Note that Nessus relies on the presence...

Linux Distros Unpatched Vulnerability : CVE-2022-34033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTMLDoc v1.9.15 was discovered to contain a heap overflow via writeheader /htmldoc/htmldoc/html.cxx:273. CVE-2022-34033 Note that Nessus relies on the presence ...

Linux Distros Unpatched Vulnerability : CVE-2022-29806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to...

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

DEBIAN-CVE-2025-1932

An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

CVE-2025-1931

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

CVE-2025-1931 Use-after-free in WebTransportChild

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

Linux Distros Unpatched Vulnerability : CVE-2017-2990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitatio...

Linux Distros Unpatched Vulnerability : CVE-2018-19107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp called from psdimage.cpp in the PSD image reader may suffer from a denial of service heap-based buffer...

Linux Distros Unpatched Vulnerability : CVE-2017-5441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects...

Linux Distros Unpatched Vulnerability : CVE-2017-7598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tifdirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted image...

Linux Distros Unpatched Vulnerability : CVE-2014-9638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set ...

Linux Distros Unpatched Vulnerability : CVE-2018-14954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. CVE-2018-14954 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2017-11408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful...

Security Vulnerabilities fixed in Thunderbird 136 — Mozilla

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could hav...

Linux Distros Unpatched Vulnerability : CVE-2019-10899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a...

Linux Distros Unpatched Vulnerability : CVE-2016-7880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property o...

Linux Distros Unpatched Vulnerability : CVE-2018-2940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u191,...

MongoDB Shell may be susceptible to Control Character Injection via autocomplete

The MongoDB Shell may be susceptible to control character injection where an attacker with control of the mongosh autocomplete feature, can use the autocompletion feature to input and run obfuscated malicious text. This requires user interaction in the form of the user using ‘tab’ to autocomplete...