4467 matches found
Exploit for CVE-2025-20393
CVE-2025-20393 Scanner !CVSS Scorehttps://img.shields.io/b...
Linux Distros Unpatched Vulnerability : CVE-2025-68323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: ucsi: fix use-after-free caused by uec-work The delayed work uec-work is scheduled in gaokunucsiprobe but never properly canceled in gaokunucsiremov...
CVE-2025-67876 ChurchCRM has Stored XSS in Group Role Name Leading to Admin Session Hijacking
ChurchCRM is an open-source church management system. A stored cross-site scripting XSS vulnerability exists in ChurchCRM versions 6.4.0 and prior that allows a low-privilege user with the “Manage Groups” permission to inject persistent JavaScript into group role names. The payload is saved in th...
Linux Distros Unpatched Vulnerability : CVE-2025-68289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: feem: Fix memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memo...
Linux Distros Unpatched Vulnerability : CVE-2025-68263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic...
Linux Distros Unpatched Vulnerability : CVE-2025-68178
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-cgroup: fix possible deadlock while configuring policy Following deadlock can be triggered easily by lockdep: WARNING: possible circular locking dependency...
Linux Distros Unpatched Vulnerability : CVE-2022-50652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uio: uiodmemgenirq: Fix missing unlock in irq configuration Commit b74351287d4b uio: fix a sleep-in- atomic-context bug in uiodmemgenirqirqcontrol started calli...
Linux Distros Unpatched Vulnerability : CVE-2022-50638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix bugon in estreesearch caused by bad boot loader inode We got a issue as fllows: ==================================================================...
Linux Distros Unpatched Vulnerability : CVE-2023-53798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since...
Linux Distros Unpatched Vulnerability : CVE-2025-14308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length o...
Linux Distros Unpatched Vulnerability : CVE-2025-14322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31,...
Linux Distros Unpatched Vulnerability : CVE-2023-53860
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm: don't attempt to queue IO under RCU protection dm looks up the table for IO based on the request type, with an assumption that if the request is marked...
Linksys RE7000 Router Firmware <= 2.0.15_211230_1012 Buffer Overflow Vulnerability
Linksys RE7000 routers are prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Linux Distros Unpatched Vulnerability : CVE-2023-53858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: serial: samsungtty: Fix a memory leak in s3c24xxserialgetclk in case of error If clkgetrate fails, the clk that has just been allocated needs to be freed...
Linux Distros Unpatched Vulnerability : CVE-2025-40310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - amd/amdkfd: resolve a race in amdgpuamdkfddevicefinisw There is race in amdgpuamdkfddevicefinisw and interrupt. if amdgpuamdkfddevicefinisw run in b/w...
Linux Distros Unpatched Vulnerability : CVE-2023-53747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to consoleunlock in vcswrite the vcdata struct can be freed by...
Linux Distros Unpatched Vulnerability : CVE-2025-40303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task...
Linux Distros Unpatched Vulnerability : CVE-2025-40218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/vaddr: do not repeat pteoffsetmaplock until success DAMON's virtual address space operation set implementation vaddr calls pteoffsetmaplock inside the...
Linux Distros Unpatched Vulnerability : CVE-2025-40240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: avoid NULL dereference when chunk data buffer is missing chunk-skb pointer is dereferenced in the if-block where it's supposed to be NULL only. chunk-skb...
CVE-2025-66021 OWASP Java HTML Sanitizer is vulnerable to XSS via noscript tag and improper style tag sanitization
OWASP Java HTML Sanitizer is a configureable HTML Sanitizer written in Java, allowing inclusion of HTML authored by third-parties in web applications while protecting against XSS. In version 20240325.1, OWASP java html sanitizer is vulnerable to XSS if HtmlPolicyBuilder allows noscript and style...