4512 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input- bmp.c:370:25. CVE-2017-9170 Note that Nessus relies on t...
Linux Distros Unpatched Vulnerability : CVE-2017-11573
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName parsettf.c resulting in DoS or code execution via a crafted otf file...
Linux Distros Unpatched Vulnerability : CVE-2012-0075
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknow...
Linux Distros Unpatched Vulnerability : CVE-2014-9829
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/sun.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds access via a crafted sun file. CVE-2014-9829 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2017-11448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to obtain sensitive information from uninitialized memory...
Linux Distros Unpatched Vulnerability : CVE-2017-17810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Netwide Assembler NASM 2.14rc0, there is a SEGV on unknown address that will cause a remote denial of service attack, because asm/preproc.c mishandles macro...
Linux Distros Unpatched Vulnerability : CVE-2014-8182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an...
Linux Distros Unpatched Vulnerability : CVE-2016-5317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows...
Linux Distros Unpatched Vulnerability : CVE-2020-28097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgaconscrolldelta out-of-bounds read, aka CID-973c096f6a85...
Linux Distros Unpatched Vulnerability : CVE-2020-12422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memo...
Linux Distros Unpatched Vulnerability : CVE-2015-7498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service v...
Linux Distros Unpatched Vulnerability : CVE-2011-1098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the...
Linux Distros Unpatched Vulnerability : CVE-2011-2725
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. dot dot sequences i...
Linux Distros Unpatched Vulnerability : CVE-2010-3767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to...
Linux Distros Unpatched Vulnerability : CVE-2011-3605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processrs function in the router advertisement daemon radvd before 1.8.2, when UnicastOnly is enabled, allows remote attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2005-2395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause...
PT-2025-9030 · Motorola Mobility · Droid Razr Hd
Name of the Vulnerable Software and Affected Versions: Motorola Mobility Droid Razr HD version 9.18.94.XT926.Verizon.en.US Description: An issue in the device allows physically proximate unauthorized attackers to access USB debugging, leading to control of the host device itself. This issue can b...
PT-2025-8660 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A signed integer overflow issue has been identified in the Linux kernel, specifically in the ipv6 component, related to the l2tp ip6 sendmsg function. This occurs when the length len i...
CVE-2025-27135
RAGFlow (open-source Retrieval-Augmented Generation engine) is affected by CVE-2025-27135. Versions 0.15.1 and earlier are vulnerable due to the ExeSQL component, which extracts SQL statements from input and sends them directly to the database query, enabling SQL injection. Reported impact is hig...
PT-2025-7904 · Ragflow · Ragflow
Name of the Vulnerable Software and Affected Versions: RAGFlow versions 0.15.1 and prior Description: RAGFlow is an open-source RAG Retrieval-Augmented Generation engine. The ExeSQL component extracts the SQL statement from the input and sends it directly to the database query, making it vulnerab...