1631 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-0618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified...
Linux Distros Unpatched Vulnerability : CVE-2015-3405
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest...
Linux Distros Unpatched Vulnerability : CVE-2017-9525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root...
Linux Distros Unpatched Vulnerability : CVE-2017-16844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application cra...
Linux Distros Unpatched Vulnerability : CVE-2019-9740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...
Linux Distros Unpatched Vulnerability : CVE-2017-11591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input...
Linux Distros Unpatched Vulnerability : CVE-2021-29470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in...
Linux Distros Unpatched Vulnerability : CVE-2020-9893
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2...
Linux Distros Unpatched Vulnerability : CVE-2019-16166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c. CVE-2019-16166 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2020-16031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2015-4646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 1 unsquash-1.c, 2 unsquash-2.c, 3 unsquash-3.c, and 4 unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service application cra...
Linux Distros Unpatched Vulnerability : CVE-2019-16276
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-16276 Note that Nessus relies on the presence of the package as reported by th...
Linux Distros Unpatched Vulnerability : CVE-2015-3409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working...
Linux Distros Unpatched Vulnerability : CVE-2019-3842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for a...
Linux Distros Unpatched Vulnerability : CVE-2017-5440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to object...
Linux Distros Unpatched Vulnerability : CVE-2016-9586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf functions. If...
Linux Distros Unpatched Vulnerability : CVE-2015-8818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cpuphysicalmemorywriterominternal function in exec.c in QEMU aka Quick Emulator does not properly skip MMIO regions, which allows local privileged guest use...
Linux Distros Unpatched Vulnerability : CVE-2017-17887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.7-16 Q16, a memory leak vulnerability was found in the function GetImagePixelCache in magick/cache.c, which allows attackers to cause a denia...
Linux Distros Unpatched Vulnerability : CVE-2015-7554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecifie...
Linux Distros Unpatched Vulnerability : CVE-2014-9833
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. CVE-2014-9833 Note that Nessus relies on the presence of the package as reported by the vendor...