1629 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-3111
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input...
Linux Distros Unpatched Vulnerability : CVE-2017-9465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The yrarenawritedata function in YARA 3.6.1 allows remote attackers to cause a denial of service buffer over-read and application crash or obtain sensitive...
Linux Distros Unpatched Vulnerability : CVE-2025-32365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced...
Linux Distros Unpatched Vulnerability : CVE-2018-19887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory address dereference was discovered in the huffcode function libfaac/huff2.c in Freeware Advanced Audio Coder FAAC 1.29.9.2. The vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-27119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild. CVE-2023-27119 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2018-6152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to...
Linux Distros Unpatched Vulnerability : CVE-2023-3635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when...
Linux Distros Unpatched Vulnerability : CVE-2017-10227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.37 and earlier and...
Linux Distros Unpatched Vulnerability : CVE-2023-23612
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider IdP when the...
Linux Distros Unpatched Vulnerability : CVE-2019-9030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libmatio.a in matio aka MAT File I/O Library 1.5.13. There is a stack-based buffer over-read in MatVarReadNextInfo5 in mat5.c...
Linux Distros Unpatched Vulnerability : CVE-2020-10379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. CVE-2020-10379 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2020-8631
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in...
Linux Distros Unpatched Vulnerability : CVE-2021-21274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In...
Linux Distros Unpatched Vulnerability : CVE-2019-16785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Waitress through version 1.3.1 implemented a MAY part of the RFC7230 which states: Although the line terminator for the start-line and header fields is the...
Linux Distros Unpatched Vulnerability : CVE-2021-33451
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in lrzip version 0.641. There are memory leaks in fillbuffer in stream.c. CVE-2021-33451 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2018-6154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2018-19976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the...
Linux Distros Unpatched Vulnerability : CVE-2019-7343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...
Linux Distros Unpatched Vulnerability : CVE-2017-17094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-includes/feed.php in WordPress before 4.9.1 does not properly restrict enclosures in RSS and Atom fields, which might allow attackers to conduct XSS attacks...
Linux Distros Unpatched Vulnerability : CVE-2025-45768
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses th...