1829 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The panicgate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which...
Linux Distros Unpatched Vulnerability : CVE-2014-9824
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-982...
Linux Distros Unpatched Vulnerability : CVE-2019-17595
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. CVE-2019-17595 Note...
Linux Distros Unpatched Vulnerability : CVE-2015-5602
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in...
Linux Distros Unpatched Vulnerability : CVE-2014-3528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials,...
Linux Distros Unpatched Vulnerability : CVE-2015-20107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow...
Linux Distros Unpatched Vulnerability : CVE-2014-9657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ttfaceloadhdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2017-6501
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference. CVE-2017-6501 Note that Nessus relies on th...
Linux Distros Unpatched Vulnerability : CVE-2019-8680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2,...
Linux Distros Unpatched Vulnerability : CVE-2017-17817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Netwide Assembler NASM 2.14rc0, there is a use-after-free in ppverror in asm/preproc.c that will cause a remote denial of service attack. CVE-2017-17817 Note...
Linux Distros Unpatched Vulnerability : CVE-2017-18018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options...
Linux Distros Unpatched Vulnerability : CVE-2018-15909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to...
Linux Distros Unpatched Vulnerability : CVE-2018-10850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the...
Linux Distros Unpatched Vulnerability : CVE-2018-11213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libjpeg 9a. The gettextgrayrow function in rdppm.c allows remote attackers to cause a denial of service Segmentation fault via a...
Linux Distros Unpatched Vulnerability : CVE-2013-1676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17...
Linux Distros Unpatched Vulnerability : CVE-2016-5030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dwarfcalculateinfosectionendptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via a...
Linux Distros Unpatched Vulnerability : CVE-2017-5884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y...
Linux Distros Unpatched Vulnerability : CVE-2013-0179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause...
Linux Distros Unpatched Vulnerability : CVE-2017-5969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The...
Linux Distros Unpatched Vulnerability : CVE-2014-8275
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to...