1823 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-3120
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when...
Linux Distros Unpatched Vulnerability : CVE-2018-8777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted...
Linux Distros Unpatched Vulnerability : CVE-2016-7946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields. (CVE-2016-7946) Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2017-9263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the functio...
Linux Distros Unpatched Vulnerability : CVE-2020-15115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of on...
Linux Distros Unpatched Vulnerability : CVE-2020-14061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2016-5411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - /var/lib/ovirt-engine/setup/engine-DC-config.py in Red Hat QuickStart Cloud Installer (QCI) before 1.0 GA is created world readable and contains the root password...
Linux Distros Unpatched Vulnerability : CVE-2020-10729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template...
Linux Distros Unpatched Vulnerability : CVE-2018-10855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive da...
Linux Distros Unpatched Vulnerability : CVE-2018-1071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd function. A local attacker could exploit this to cause a denial o...
Linux Distros Unpatched Vulnerability : CVE-2014-9824
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-982...
Linux Distros Unpatched Vulnerability : CVE-2015-5300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The panicgate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which...
Linux Distros Unpatched Vulnerability : CVE-2014-8275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to...
Linux Distros Unpatched Vulnerability : CVE-2017-13716
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessiv...
Linux Distros Unpatched Vulnerability : CVE-2015-5602
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in...
Linux Distros Unpatched Vulnerability : CVE-2017-5884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y...
Linux Distros Unpatched Vulnerability : CVE-2017-12997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LLDP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-lldp.c:lldp_private_8021_print. (CVE-2017-12997) Note that Nessus relies ...
Linux Distros Unpatched Vulnerability : CVE-2018-19963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.11 allowing HVM guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because x86 IOREQ...
Linux Distros Unpatched Vulnerability : CVE-2014-1309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2013-4392
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on...