7666 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38539
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Add downwritetraceeventsem when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the...
CVE-2025-7732
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
Linux Distros Unpatched Vulnerability : CVE-2018-18245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified checkload plugin to NRPE...
Linux Distros Unpatched Vulnerability : CVE-2018-7640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability tha...
Linux Distros Unpatched Vulnerability : CVE-2019-10877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Teeworlds 0.7.2, there is an integer overflow in CMap::Load in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and...
Linux Distros Unpatched Vulnerability : CVE-2024-32230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...
Linux Distros Unpatched Vulnerability : CVE-2024-31570
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libfreeimage in FreeImage 3.4.0 through 3.18.0 has a stack-based buffer overflow in the PluginXPM.cpp Load function via an XPM file. CVE-2024-31570 Note that...
Linux Distros Unpatched Vulnerability : CVE-2019-3574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libsixel v1.8.2, there is a heap-based buffer over-read in the function loadjpeg in the file loader.c, as demonstrated by img2sixel. CVE-2019-3574 Note that...
Linux Distros Unpatched Vulnerability : CVE-2020-11986
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To be able to analyze gradle projects, the build scripts need to be executed. Apache NetBeans follows this pattern. This causes the code of the build script to ...
Linux Distros Unpatched Vulnerability : CVE-2025-8747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by...
Linux Distros Unpatched Vulnerability : CVE-2020-0256
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when...
Linux Distros Unpatched Vulnerability : CVE-2018-7638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in CImg v.220. A heap-based buffer over-read in loadbmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability tha...
SUSE SLES12 Security Update : gdk-pixbuf (SUSE-SU-2025:03010-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:03010-1 advisory. - CVE-2025-7345: Fixed heap buffer overflow in gdkpixbufjpegimageloadincrement function bsc1246114 Tenable has extracted the preceding description blo...
Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues: CVE-2025-7345: Fixed heap buffer overflow in gdkpixbufjpegimageloadincrement function bsc1246114 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:03010-1 Security update for gdk-pixbuf
This update for gdk-pixbuf fixes the following issues: - CVE-2025-7345: Fixed heap buffer overflow in gdkpixbufjpegimageloadincrement function bsc1246114...
CVE-2025-7732
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
CVE-2025-7732
CVE-2025-7732: The WordPress plugin Lazy Load for Videos (
CVE-2025-7732 Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
CVE-2025-7732 Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes
The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied...
Linux Distros Unpatched Vulnerability : CVE-2019-14734
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load in mtk.cpp. CVE-2019-14734 Note that Nessus relies on the presence of the package as...