4532 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-31207
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written t...
Linux Distros Unpatched Vulnerability : CVE-2016-10222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2018-20001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Libav 12.3, there is a floating point exception in the range_decode_culshift function called from range_decode_bits in libavcodec/apedec.c that will lead to remo...
CVE-2025-58430 listmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account Takeover
listmonk is a standalone, self-hosted, newsletter and mailing list manager. In versions up to and including 1.1.0, every HTTP request included a nonce in addition to the session cookie (session). The value is not checked and validated by the backend; removing nonce allows the requests to be...
PT-2025-36937
Name of the Vulnerable Software and Affected Versions: listmonk versions 1.1.0 and earlier. Description: listmonk, a standalone newsletter and mailing list manager, is susceptible to a chain of vulnerabilities involving Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS). Specifically, the...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...
Linux Distros Unpatched Vulnerability : CVE-2025-39706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Destroy KFD debugfs after destroy KFD wq. Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroyw...
Linux Distros Unpatched Vulnerability : CVE-2025-38683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hv_netvsc: Fix panic during namespace deletion with VF. The existing code moves the VF NIC to new namespace when NETDEV_REGISTER is received on netvsc NIC. During...
Linux Distros Unpatched Vulnerability : CVE-2025-38713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc. The hfsplus_readdir method is capable to crash by calling hfsplus_uni2asc: 667.121659 T9805...
Linux Distros Unpatched Vulnerability : CVE-2025-38699
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: bfa: Double-free fix. When the bfad_im_probe function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL...
WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Mika in WordPress Plugin SimaCookie (versions <= 1.3.2)...
Linux Distros Unpatched Vulnerability : CVE-2016-3731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions...
PT-2025-35876
Name of the Vulnerable Software and Affected Versions: gxp (affected versions not specified). Description: An information leak may occur due to uninitialized data in the ReadTachyonCommands function within gxp_main_actor.cc. This could lead to local information disclosure without requiring...
Linux Distros Unpatched Vulnerability : CVE-2025-58050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists...
Linux Distros Unpatched Vulnerability : CVE-2022-21713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle use...
Linux Distros Unpatched Vulnerability : CVE-2019-14828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to crea...
Linux Distros Unpatched Vulnerability : CVE-2019-3572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line...
Linux Distros Unpatched Vulnerability : CVE-2013-2632
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have...
Linux Distros Unpatched Vulnerability : CVE-2024-36823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encrypt function of Ninja Core v7.0.0 was discovered to use a weak cryptographic algorithm, leading to a possible leakage of sensitive information...
Linux Distros Unpatched Vulnerability : CVE-2017-2576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. (CVE-2017-2576) Note that Nessus relies on the presence of the package as reported...