Linux Distros Unpatched Vulnerability : CVE-2022-21222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package css-what before 2.1.3 is vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of an insecure regular expression in the reattr...
Update Rollup 3 for System Center 2022 Operations Manager
Introduction: This article describes the new features and issues that are fixed in System Center Operations Manager 2022 Update Rollup 3. This article also contains the installation instructions for this update. Issues that are fixed...
Linux Distros Unpatched Vulnerability : CVE-2023-29582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties...
Linux Distros Unpatched Vulnerability : CVE-2018-17846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to an infinite loop during an html.Parse call because inSelectIM and...
Linux Distros Unpatched Vulnerability : CVE-2025-38471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compact...
Linux Distros Unpatched Vulnerability : CVE-2010-3704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics...
Linux Distros Unpatched Vulnerability : CVE-2018-11210
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the...
Linux Distros Unpatched Vulnerability : CVE-2018-17419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in setTA in scanrr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone parsing error causes a segmentation violation...
Linux Distros Unpatched Vulnerability : CVE-2022-47086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gfsmloadinitswf at scenemanager/swfparse.c CVE-2022-47086 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-5295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function base/PdfXRefStreamParserObject.cpp. Remote attackers could...
OESA-2025-1996 python-werkzeug security update
A comprehensive WSGI web application library. Security Fixes: Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal...
Linux Distros Unpatched Vulnerability : CVE-2021-47257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ieee802154: fix null deref in parse dev addr Fix a logic error that could result in a null deref if the user sets the mode incorrectly for the given addr...
Linux Distros Unpatched Vulnerability : CVE-2020-11565
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is...
Malicious code in graviton-dactyl-helmet-dotenv-parse-variables (npm)
The package graviton-dactyl-helmet-dotenv-parse-variables was found to contain malicious code...
Malicious code in pyxis-antimatter-dotenv-parse-variables-xenos (npm)
The package pyxis-antimatter-dotenv-parse-variables-xenos was found to contain malicious code...
Malicious code in cybernetics-terser-webpack-plugin-phenomic-dotenv-parse-variables (npm)
The package cybernetics-terser-webpack-plugin-phenomic-dotenv-parse-variables was found to contain malicious code...
MAL-2025-21901 Malicious code in graviton-dactyl-helmet-dotenv-parse-variables (npm)
The package graviton-dactyl-helmet-dotenv-parse-variables was found to contain malicious code...
MAL-2025-26218 Malicious code in meta-link-load-earth-parse (npm)
The package meta-link-load-earth-parse was found to contain malicious code...
MAL-2025-28877 Malicious code in parse-react-next (npm)
The package parse-react-next was found to contain malicious code...
MAL-2025-33440 Malicious code in small-debug-awk-hash-parse (npm)
The package small-debug-awk-hash-parse was found to contain malicious code...