CLSA-2025-1756409595 clamav: Fix of 4 CVEs

Update to 1.4.3 LTS - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20234: Fixed a possible buffer overflow read bug in the UDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed...

Linux Distros Unpatched Vulnerability : CVE-2021-45831

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via strlenavx2, which causes a Denial of Service. CVE-2021-45831 Note that Nessus relies...

Linux Distros Unpatched Vulnerability : CVE-2017-12105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh. A...

Linux Distros Unpatched Vulnerability : CVE-2021-41458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability. CVE-2021-41458 Note that...

Linux Distros Unpatched Vulnerability : CVE-2022-3279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an...

Linux Distros Unpatched Vulnerability : CVE-2021-23203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF...

Linux Distros Unpatched Vulnerability : CVE-2023-3362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6, and version 16.1.0 allows unauthenticated actors to access the...

Linux Distros Unpatched Vulnerability : CVE-2023-46362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2encautothresholdusinghash in src/jbig2enc.cc. CVE-2023-46362 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2022-32742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing...

Linux Distros Unpatched Vulnerability : CVE-2021-32565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0...

Linux Distros Unpatched Vulnerability : CVE-2022-27146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gfisomappleenumtag. CVE-2022-27146 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2021-22243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under specialized conditions, GitLab CE/EE versions starting 7.10 may allow existing GitLab users to use an invite URL meant for another email address to gain...

Linux Distros Unpatched Vulnerability : CVE-2020-36228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial o...

Linux Distros Unpatched Vulnerability : CVE-2022-3767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless ...

Linux Distros Unpatched Vulnerability : CVE-2020-13543

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2020-8178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient input validation in npm package jison = 0.4.18 may lead to OS command injection attacks. CVE-2020-8178 Note that Nessus relies on the presence of t...

Linux Distros Unpatched Vulnerability : CVE-2020-25788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUESTurl in an error message...

Linux Distros Unpatched Vulnerability : CVE-2022-45586

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. CVE-2022-45586 Note that...

Linux Distros Unpatched Vulnerability : CVE-2022-42852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2...

Linux Distros Unpatched Vulnerability : CVE-2022-46692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2...