2358 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-14680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. CVE-2018-14680 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2016-4069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site request forgery CSRF vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that...
Linux Distros Unpatched Vulnerability : CVE-2018-19969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to...
Linux Distros Unpatched Vulnerability : CVE-2018-4214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTun...
Linux Distros Unpatched Vulnerability : CVE-2017-11546
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash...
Linux Distros Unpatched Vulnerability : CVE-2019-11251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar...
Linux Distros Unpatched Vulnerability : CVE-2015-0234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple temporary file creation vulnerabilities in pki-core 10.2.0. CVE-2015-0234 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2019-14289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xpdf 4.01.01. There is an integer overflow in the function JBIG2Bitmap::combine at JBIG2Stream.cc for the multiple bytes per line cas...
Linux Distros Unpatched Vulnerability : CVE-2017-12165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request...
Linux Distros Unpatched Vulnerability : CVE-2017-5853
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. CVE-2017-5853 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2018-1000613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlle...
Linux Distros Unpatched Vulnerability : CVE-2016-8579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - docker2aci = 0.12.3 has an infinite loop when handling local images with cyclic dependency chain. CVE-2016-8579 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2017-7012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected...
Linux Distros Unpatched Vulnerability : CVE-2017-16906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a Calendar - New Event action. CVE-2017-16906 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2018-14072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libsixel 1.8.1 has a memory leak in sixeldecoderdecode in decoder.c, imagebufferresize in fromsixel.c, and sixeldecoderaw in fromsixel.c. CVE-2018-14072 Note th...
Linux Distros Unpatched Vulnerability : CVE-2015-8858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a regular...
Linux Distros Unpatched Vulnerability : CVE-2019-5061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before...
Linux Distros Unpatched Vulnerability : CVE-2019-3467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian-edu-config all versions 2.11.10, a set of configuration files used for Debian Edu, and debian- lan-config 0.26, configured too permissive ACLs for the...
Linux Distros Unpatched Vulnerability : CVE-2018-4376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTun...
Linux Distros Unpatched Vulnerability : CVE-2017-8845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The lzo1xdecompress function in lzo1xd.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and...