164 matches found
PT-2024-40965 · Unknown · Gtk-Layer-Shell
Name of the Vulnerable Software and Affected Versions: gtk-layer-shell affected versions not specified Description: The gtk-layer-shell GTK3 bindings are no longer maintained. The maintainers have archived the repository and added a note to the crate description and its README.md that th...
CVE-2024-52814
Argo Helm is a collection of community maintained charts for argoproj.github.io projects. Prior to version 0.45.0, the workflow-role lacks granularity in its privileges, giving permissions to workflowtasksets and workflowartifactgctasks to all workflow Pods, when only certain types of Pods create...
RUSTSEC-2024-0436 paste - no longer maintained
The creator of the crate paste has stated in the README.md that this project is no longer maintained and has archived the repository. Possible Alternatives - pastey: a fork of paste, aimed to be a drop-in replacement with additional features for the paste crate - with_builtin_macros: crate...
PT-2024-41088 · Paste · Paste
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The creator of the crate paste has stated that this project is no longer maintained and has archived the repository. Recommendations: At the moment, there is no information about a newer...
bcc is unmaintained
bcc will no longer be maintained as declared by the developer. Users are recommended to use libbpf-rs instead. See libbpf-rs...
PT-2024-40928 · Hwloc · Hwloc
Name of the Vulnerable Software and Affected Versions: hwloc affected versions not specified Description: The hwloc project has been archived by its developer and will no longer be maintained. This decision was made without any issues being reported. Recommendations: At the moment, there is no...
PT-2024-40929 · Bcc · Bcc
Name of the Vulnerable Software and Affected Versions: bcc affected versions not specified Description: The bcc software will no longer be maintained as declared by the developer. Users are recommended to use libbpf-rs instead. Recommendations: At the moment, there is no information about a newer...
DEBIAN-CVE-2024-43407
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in the GeSHi syntax highlighter library hosted by the victim. The GeSH...
PT-2024-40936 · Minitrace · Minitrace
Name of the Vulnerable Software and Affected Versions: minitrace affected versions not specified Description: The minitrace maintainers have decided to stop maintaining minitrace and are instead continuing its development under a new organizational structure. As a result, minitrace is no longer...
Fedoraproject Fedora SEoL (22.x)
According to its version, Fedoraproject Fedora is 22.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Red Hat Enterprise Linux SEoL (5.x)
According to its version, Red Hat Enterprise Linux is 5.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
PT-2024-40935 · Unknown · Openslides
Name of the Vulnerable Software and Affected Versions: openslide affected versions not specified Description: The openslide crate is no longer maintained, with its last release on 2018-11-20. Recommendations: At the moment, there is no information about a newer version that contains a fix for thi...
Canonical Ubuntu Linux SEoL (7.04.x)
According to its version, Canonical Ubuntu Linux is 7.04.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
Canonical Ubuntu Linux SEoL (22.10.x)
According to its version, Canonical Ubuntu Linux is 22.10.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
CentOS SEoL (4.x)
According to its version, CentOS is 4.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities.
[SECURITY] Fedora 39 Update: rust-dotenvy-0.15.7-4.fc39
A well-maintained fork of the dotenv crate...
GHSA-Q3JM-V27Q-JFWW titon/framework vulnerable to Remote Code Execution via Chosen-Ciphertext Attack
The titon/framework package, which is now abandoned and no longer maintained, is vulnerable to remote code execution via Chosen-Ciphertext Attack...
PT-2024-23925 · Unknown · Replify-Messenger
Name of the Vulnerable Software and Affected Versions: Replify-Messenger version 1.0 Description: A vulnerability has been found in the processing of the file androidmanifest.xml of the component Backup File Handler. This issue leads to exposure of backup files to an unauthorized control sphere,...
PT-2024-22025 · Unknown · Flusity-Cms
Name of the Vulnerable Software and Affected Versions: flusity CMS versions through 2.45 Description: The issue allows for XSS in the Gallery Name through the tools/addons model.php file. The product has ceased its development as of February 2024. Recommendations: For versions through 2.45, as a...
DoS (Denial of Service) net.sourceforge.nekohtml:nekohtml Dependency in Jira Software Data Center and Server
This High severity net.sourceforge.nekohtml:nekohtml Dependency vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, and 9.9.0 of Jira Software Data Center and Server. This net.sourceforge.nekohtml:nekohtml Dependency vulnerability, with a CVSS...