16954 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-14444
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - applyrelocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation in byteputlittleendian...
Linux Distros Unpatched Vulnerability : CVE-2019-14250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simpleobjectelfmatch in simple-object-elf.c does not check for a zero shstrndx...
Linux Distros Unpatched Vulnerability : CVE-2017-12960
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a reachable assertion abort in the function dictrenamevar in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote...
Linux Distros Unpatched Vulnerability : CVE-2016-6131
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The demangler in GNU Libiberty allows remote attackers to cause a denial of service infinite loop, stack overflow, and crash via a cycle in the references of...
Linux Distros Unpatched Vulnerability : CVE-2019-9192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\1\1' in grep, ...
Linux Distros Unpatched Vulnerability : CVE-2015-8972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess aka gnuchess before 6.2.4 might allow context-dependent attackers to...
Linux Distros Unpatched Vulnerability : CVE-2019-11639
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU recutils 1.8. There is a stack-based buffer overflow in the function rectypecheckenum at rec-types.c in librec.a. CVE-2019-11639...
Linux Distros Unpatched Vulnerability : CVE-2017-9763
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The grubext2readblock function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2007-1268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and...
Linux Distros Unpatched Vulnerability : CVE-2017-17531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...
Linux Distros Unpatched Vulnerability : CVE-2019-12972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in...
Linux Distros Unpatched Vulnerability : CVE-2017-12958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an illegal address access in the function outputhex in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial ...
Astra Linux - уязвимость в binutils
A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has bee...
Linux Distros Unpatched Vulnerability : CVE-2025-8735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the componen...
Linux Distros Unpatched Vulnerability : CVE-2024-0553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with...
Linux Distros Unpatched Vulnerability : CVE-2017-7963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GNU Multiple Precision Arithmetic Library GMP interfaces for PHP through 7.1.4 allow attackers to cause a denial of service memory consumption and applicati...
curl: curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor
Summary: When using curl with a SOCKS5 proxy e.g. Tor on 127.0.0.1:9050, glibc getaddrinfo performs direct UDP connect probes to the target’s IP:443. These syscalls bypass the proxy and expose the user’s route to the destination, breaking anonymity expectations. The IPs I got in my case:...
USN-7700-1 gcc-10, gcc-11, gcc-12 vulnerability
It was discovered that the -fstack-protector hardening feature in GCC for AArch64 did not properly protect dynamically-sized local variables such as those created using C99 variable length arrays or alloca. As a result, an attacker who was able to trigger a buffer overflow in such cases could...
Alibaba Cloud Linux 3 : 0138: glibc (ALINUX3-SA-2025:0138)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0138 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-0395: When the assert function in...
Mozilla Firefox ESR < 140.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-67 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ES...