4473 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-1366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iOS before 7.1.2, Apple Safari before 6.1.5 and 7.x before 7.0.5, and Apple TV before 6.1.2, allows remote attackers to execute arbitra...
Linux Distros Unpatched Vulnerability : CVE-2020-6621
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb stbtruetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. CVE-2020-6621 Note that Nessus relies on the presence of the package as reported b...
Linux Distros Unpatched Vulnerability : CVE-2016-4623
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to execute arbitrary code or cause a denial of service memo...
Linux Distros Unpatched Vulnerability : CVE-2023-38057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper input validation vulnerability in OTRS Survey modules allows any attacker with a link to a valid and unanswered survey request to inject javascript...
CVE-2025-58430 listmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account Takeover
listmonk is a standalone, self-hosted, newsletter and mailing list manager. In versions up to and including 1.1.0, every http request in addition to the session cookie session there included nonce. The value is not checked and validated by the backend, removing nonce allows the requests to be...
PT-2025-36937
Name of the Vulnerable Software and Affected Versions listmonk versions 1.1.0 and earlier Description listmonk, a standalone newsletter and mailing list manager, is susceptible to a chain of vulnerabilities involving Cross-Site Request Forgery CSRF and Cross-Site Scripting XSS. Specifically, the...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...
Linux Distros Unpatched Vulnerability : CVE-2025-38713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc The hfsplusreaddir method is capable to crash by calling hfsplusuni2asc: 667.121659 T9805...
Linux Distros Unpatched Vulnerability : CVE-2025-39706
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroyw...
Linux Distros Unpatched Vulnerability : CVE-2025-38699
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: bfa: Double-free fix When the bfadimprobe function fails during initialization, the memory pointed to by bfad-im is freed without setting bfad-im to NULL...
Linux Distros Unpatched Vulnerability : CVE-2025-38683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hvnetvsc: Fix panic during namespace deletion with VF The existing code move the VF NIC to new namespace when NETDEVREGISTER is received on netvsc NIC. During...
WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Mika in WordPress Plugin SimaCookie versions = 1.3.2...
Linux Distros Unpatched Vulnerability : CVE-2016-3731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, and 2.8 through 2.8.11 allows remote attackers to obtain the names of hidden forums and forum discussions...
PT-2025-35876
Name of the Vulnerable Software and Affected Versions: gxp versions affected versions not specified Description: An information leak may occur due to uninitialized data in the ReadTachyonCommands function within gxp main actor.cc. This could lead to local information disclosure without requiring...
Linux Distros Unpatched Vulnerability : CVE-2019-14828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and earlier unsupported versions, where users with the capability to crea...
Linux Distros Unpatched Vulnerability : CVE-2025-58050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists...
Linux Distros Unpatched Vulnerability : CVE-2022-21713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle use...
Linux Distros Unpatched Vulnerability : CVE-2019-3572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line...
Linux Distros Unpatched Vulnerability : CVE-2017-14737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover...
Linux Distros Unpatched Vulnerability : CVE-2021-40694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account. CVE-2021-40694...