601 matches found
CVE-2025-54286
Cross-Site Request Forgery CSRF in LXD-UI in Canonical LXD versions = 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication...
CVE-2025-54290
CVE-2025-54290 affects Canonical LXD before 6.5 and 5.21.4 on Linux. The vulnerability lies in the image export API, where error handling and LIKE wildcard matching can reveal project existence without authentication. An attacker can remotely determine whether a project exists by sending crafted ...
CVE-2025-54290
Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...
idm:DL1 security update
bind-dyndb-ldap 11.6-6 - Fix rpminspect warnings Resolves: RHEL-22497 custodia ipa 4.9.13-20.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.9.13-20 - Refactor ipatests for unique krbcanonicalname Resolves: RHEL-110061 4.9.13-19 - Enforce uniqueness across krbprincipalnam...
OpenSSL DoS Vulnerability (20250930, CVE-2025-9230) - Linux
OpenSSL is prone to a denial of service DoS vulnerability due to a out-of-bounds read & write in RFC 3211 KEK Unwrap. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2025-6724
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...
CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-6724
CVE-2025-6724 affects Chef Automate on Linux x86, prior to 4.13.295, where an authenticated attacker can access restricted functionality in multiple services due to improperly neutralized inputs used in an SQL command. The root cause is input handling that enables SQL injection. Exploitation deta...
CVE-2025-6724 Chef Automate SQL Injection Vulnerability
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...
PT-2025-39823
Name of the Vulnerable Software and Affected Versions Chef Automate versions prior to 4.13.295 Description Chef Automate versions earlier than 4.13.295 on Linux x86 are susceptible to a condition where an authenticated attacker can access restricted functionality. This is due to improperly...
PT-2025-39733
Name of the Vulnerable Software and Affected Versions llama-index-core versions through 0.12.44 Description The software has an issue in the get cache dir function due to the use of a predictable, hardcoded directory path /tmp/llama index on Linux systems without sufficient security measures. Thi...
hackingtool-v5.1
All in One Hacking tool For Hackers🥇 !https://img.shields...
CVE-2025-10201
Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2023-27114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasmdis at p/wasm/wasm.c. CVE-2023-27114 Note that Nessus relies on the presence...
Linux Distros Unpatched Vulnerability : CVE-2017-11654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remo...
Linux Distros Unpatched Vulnerability : CVE-2021-46052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate. CVE-2021-46052 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2017-1000122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised secondary proces...
Linux Distros Unpatched Vulnerability : CVE-2023-49085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. In versions 1.2.25 and prior, it is possible to execute arbitrary SQL code through the...