10065 matches found
PT-2025-44139
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the tty subsystem, specifically in the n gsm component. The issue arises from the potential to block the input queue while waiting for a Modem...
Linux Distros Unpatched Vulnerability : CVE-2019-9764
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to-agent TLS communication. In other words, the product behaves as if verifyserverhostname...
Linux Distros Unpatched Vulnerability : CVE-2019-11873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a craft...
Linux Distros Unpatched Vulnerability : CVE-2022-25638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the...
Linux Distros Unpatched Vulnerability : CVE-2019-12219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is an invalid...
Linux Distros Unpatched Vulnerability : CVE-2021-30004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wpasupplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. CVE-2021-3000...
SUSE CVE-2024-58239
In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...
USN-7719-1 linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
Important: Red Hat Security Advisory: Insights proxy Container Image
Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
PT-2025-34800 · Ipfire · Ipfire
Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The DNS management interface dns.cgi in IPFire fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS HOSTNAME query parameters. This results in a reflected cross-site scripting XSS...
Fedora 41 : python3-docs / python3.13 (2025-62fe746ed0)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-62fe746ed0 advisory. Python 3.13.7 is the seventh maintenance release of 3.13. 3.13.7 is an expedited release to fix a significant issue with the 3.13.6 release: - gh-137583:...
Linux Distros Unpatched Vulnerability : CVE-2022-27782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps...
Linux Distros Unpatched Vulnerability : CVE-2020-12872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yawsconfig.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP...
kernel: tls: always refresh the queue when reading sock
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...
Ubuntu 22.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-7712-1)
"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7712-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...
Linux Distros Unpatched Vulnerability : CVE-2016-10937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. CVE-2016-10937 Note that Nessus relies on the presence of the package as reporte...
Linux Distros Unpatched Vulnerability : CVE-2017-9872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IIIdequantizesample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial ...
Linux Distros Unpatched Vulnerability : CVE-2019-15522
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LINBIT csync2 through 2.0. csyncdaemonsession in daemon.c neglects to force a failure of a hello command when the configuration...
Linux Distros Unpatched Vulnerability : CVE-2019-12221
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9 when used in conjunction with libSDL2image.a in SDL2image 2.0.4. There is a SEGV in t...