RHEL 5 : busybox (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - busybox: heap-based buffer overflow in OPTION_6RD parsing CVE-2016-2148 - Directory traversal vulnerabilit...
RHEL 4 : busybox (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - busybox: Path traversal via crafted tar file containing symlink CVE-2011-5325 - The addprobe function in...
The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. Please note that at the time this CVE was issued, the policy mechanism was an experimental feature of Node.js.
...
kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN
The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability...