3094 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-43815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory...
Fedora 42 : chromium (2025-04158e05ef)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...
Linux Distros Unpatched Vulnerability : CVE-2022-50227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before...
Linux Distros Unpatched Vulnerability : CVE-2020-35112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user downloaded a file lacking an extension on Windows, and then Open-ed it from the downloads panel, if there was an executable file in the downloads...
Linux Distros Unpatched Vulnerability : CVE-2023-3108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the subsequent get_user_pages_fast in the Linux kernel's interface for symmetric key cipher algorithms in the skcipher_recvmsg of...
Linux Distros Unpatched Vulnerability : CVE-2024-42234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: fix crashes from deferred split racing folio migration Even on 6.10-rc6, I've been seein...
Oracle Linux 8 : python-requests (ELSA-2025-13234)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-13234 advisory. 2.20.0-6 - Security fix for CVE-2024-47081 Resolves: RHEL-102420 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Fedora 41 : firefox (2025-aacceb8e35)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-aacceb8e35 advisory. - New upstream version 140.0.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
UBUNTU-CVE-2025-45770
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant ...
SUSE CVE-2023-53158
The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...
An Open-Source Implementation and Security Analysis of Triad's TEE Trusted Time Protocol
The logic of many protocols relies on time measurements. However, in Trusted Execution Environments (TEEs) like Intel SGX, the time source is outside the Trusted Computing Base: a malicious system hosting the TEE can manipulate that TEE's notion of time, e.g., jumping in time or affecting the...
Low: gimp
Issue Overview: GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1591/ NOTE: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/fixed-vulnerabilities NOTE:...
CVE-2025-7157
A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-7157 code-projects Online Note Sharing login.php sql injection
A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...
CVE-2025-7157
CVE-2025-7157 affects Code-Projects Online Note Sharing 1.0. A vulnerability in /login.php arises from improper handling of the username and password parameters, enabling SQL injection. The flaw is exploitable remotely and has had exploits disclosed publicly. Multiple sources confirm the issue an...
PT-2025-28325 · Unknown · Code-Projects Online Note Sharing
Name of the Vulnerable Software and Affected Versions: code-projects Online Note Sharing version 1.0 Description: A critical issue was found in the code, affecting an unknown function of the file /login.php. The manipulation of the username and password arguments leads to SQL injection. This issu...
Code-Projects Online Note Sharing Injection Vulnerability
Code-Projects Online Note Sharing is open-source online note sharing software from Code-Projects. Code-Projects Online Note Sharing version 1.0 suffers from an injection vulnerability, which stems from improper handling of the username/password parameters in the file /login.php resulti...