Linux Distros Unpatched Vulnerability : CVE-2022-0373
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve the service desk emai...
Linux Distros Unpatched Vulnerability : CVE-2023-52723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a passwo...
Linux Distros Unpatched Vulnerability : CVE-2017-7674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating tha...
CVE-2025-3497 Radiflow iSAP Smart Collector Linux distribution unmaintained
The Linux distribution underlying the Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) is obsolete and reached end of life (EOL) on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...
Linux Distros Unpatched Vulnerability : CVE-2024-53145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - um: Fix potential integer overflow during physmem setup. This issue happens when the real map size is greater than LONG_MAX, which can be easily triggered on...
Linux Distros Unpatched Vulnerability : CVE-2024-6519
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape. CVE-2024-6519 Note...
Linux Distros Unpatched Vulnerability : CVE-2024-24246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::__shared_count function at /bits/shared_ptr_base.h...
Linux Distros Unpatched Vulnerability : CVE-2022-49516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: always check VF VSI pointer values. The ice_get_vf_vsi function can return NULL in some cases, such as if handling messages during a reset where the VSI is bei...
Linux Distros Unpatched Vulnerability : CVE-2022-2946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 9.0.0246. CVE-2022-2946 Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2021-3507
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler in hw/block/fdc.c while...
Linux Distros Unpatched Vulnerability : CVE-2021-34825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system...
Linux Distros Unpatched Vulnerability : CVE-2024-27628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in DCMTK v.3.6.8 allows an attacker to execute arbitrary code via the EctEnhancedCT method component. CVE-2024-27628 Note that...
Linux Distros Unpatched Vulnerability : CVE-2024-47752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: Fix H264 stateless decoder smatch warning. Fix a smatch static checker warning on vdec_h264_req_if.c, which leads to a kernel crash when fb...
Linux Distros Unpatched Vulnerability : CVE-2023-33204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for...
Linux Distros Unpatched Vulnerability : CVE-2024-21510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When makin...
Linux Distros Unpatched Vulnerability : CVE-2024-33877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. CVE-2024-33877 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2024-0804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTM...
Linux Distros Unpatched Vulnerability : CVE-2023-0412
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 allows denial of service via packet injection or crafted capture file. CVE-2023-0412 Not...
Linux Distros Unpatched Vulnerability : CVE-2022-26563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue discovered in Tildeslash Monit before 5.31.0 allows remote attackers to gain escalated privileges due to improper PAM authorization. CVE-2022-2656...
Linux Distros Unpatched Vulnerability : CVE-2021-43314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le32. The problem is essentiall...