Linux Distros Unpatched Vulnerability : CVE-2025-22046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: uprobes/x86: Harden uretprobe syscall trampoline check Jann reported a possible issue when...

Linux Distros Unpatched Vulnerability : CVE-2025-8176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function gethistogram of the file...

Debian dla-4266 : distro-info-data - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4266 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4266-1 [email protected] https://www.debian.org/lts/security/...

Linux Distros Unpatched Vulnerability : CVE-2025-23130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid panic once fallocation fails for pinfile syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at...

Linux Distros Unpatched Vulnerability : CVE-2024-43815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory...

Linux Distros Unpatched Vulnerability : CVE-2022-49870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. T...

Fedora 42 : chromium (2025-04158e05ef)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...

Linux Distros Unpatched Vulnerability : CVE-2022-50227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before...

Linux Distros Unpatched Vulnerability : CVE-2023-3108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the subsequent getuserpagesfast in the Linux kernel's interface for symmetric key cipher algorithms in the skcipherrecvmsg of...

Linux Distros Unpatched Vulnerability : CVE-2020-35112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user downloaded a file lacking an extension on Windows, and then Open-ed it from the downloads panel, if there was an executable file in the downloads...

Oracle Linux 8 : python-requests (ELSA-2025-13234)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-13234 advisory. 2.20.0-6 - Security fix for CVE-2024-47081 Resolves: RHEL-102420 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Linux Distros Unpatched Vulnerability : CVE-2024-42234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: fix crashes from deferred split racing folio migration Even on 6.10-rc6, I've been seein...

Fedora 41 : firefox (2025-aacceb8e35)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-aacceb8e35 advisory. - New upstream version 140.0.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

UBUNTU-CVE-2025-45770

jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant ...

SUSE CVE-2023-53158

The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...

An Open-Source Implementation and Security Analysis of Triad'S TEE Trusted Time Protocol

The logic of many protocols relies on time measurements. However, in Trusted Execution Environments TEEs like Intel SGX, the time source is outside the Trusted Computing Base: a malicious system hosting the TEE can manipulate that TEE's notion of time, e.g., jumping in time or affecting the...

Low: gimp

Issue Overview: GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1591/ NOTE: https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/fixed-vulnerabilities NOTE:...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2025-7157

A vulnerability was found in code-projects Online Note Sharing 1.0. It has been classified as critical. Affected is an unknown function of the file /login.php. The manipulation of the argument username/password leads to sql injection. It is possible to launch the attack remotely. The exploit has...