March Security Advisory Ivanti Secure Access Client (ISAC) (CVE-2025-22454)

Summary Ivanti has released updates for Ivanti Secure Access Client ISAC which addresses one high severity vulnerability. Successful exploitation could lead to privilege escalation. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. Vulnerability...

Security Advisory March 2025 Ivanti Neurons for MDM (N-MDM)

Summary Ivanti has released updates for Ivanti Neurons for MDM N-MDM which addresses a medium severity vulnerability. We are not aware of any customers being exploited by this vulnerability at the time of disclosure. Vulnerability Details: Description| CVSS Score Severity| CVSS Vector| CWE...

Linux Distros Unpatched Vulnerability : CVE-2024-7533

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag...

Linux Distros Unpatched Vulnerability : CVE-2024-57997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: wcn36xx: fix channel survey memory allocation size KASAN reported a memory allocation...

Linux Distros Unpatched Vulnerability : CVE-2024-35791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: SVM: Flush pages under kvm-lock to fix UAF in svmregisterencregion Do the cache flush of converted pages in svmregisterencregion before dropping kvm-lock t...

Linux Distros Unpatched Vulnerability : CVE-2024-22123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another...

Linux Distros Unpatched Vulnerability : CVE-2024-42296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix return value of f2fsconvertinlineinode If device is readonly, make f2fsconvertinlineinode return EROFS instead of zero, otherwise it may trigger panic...

Linux Distros Unpatched Vulnerability : CVE-2023-52909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfsd: fix handling of cached open files in nfsd4open codepath Commit fb70bf124b05 NFSD:...

Linux Distros Unpatched Vulnerability : CVE-2023-52663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amdsofacpprobe Driver uses kasprintf to initialize...

Linux Distros Unpatched Vulnerability : CVE-2021-47188

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Improve SCSI abort handling The following has been observed on a test setup: WARNING: CPU: 4 PID: 250 at drivers/scsi/ufs/ufshcd.c:2737...

Linux Distros Unpatched Vulnerability : CVE-2023-38324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS ke...

Linux Distros Unpatched Vulnerability : CVE-2022-41946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setTextint, InputStream or...

Linux Distros Unpatched Vulnerability : CVE-2020-15778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE:...

Linux Distros Unpatched Vulnerability : CVE-2015-4737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via...

Linux Distros Unpatched Vulnerability : CVE-2019-11728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content ...

Linux Distros Unpatched Vulnerability : CVE-2013-0442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and...

Linux Distros Unpatched Vulnerability : CVE-2010-3410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1825. Reason: This candidate is a duplicate of CVE-2010-1825. Notes: All CVE users shoul...

CVE-2025-1182 affecting package binutils for versions less than 2.41-3

CVE-2025-1182 affecting package binutils for versions less than 2.41-3. A patched version of the package is available...

CVE-2024-23650 affecting package moby-engine for versions less than 24.0.9-14

CVE-2024-23650 affecting package moby-engine for versions less than 24.0.9-14. A patched version of the package is available...

CVE-2025-24976

Distribution’s token authentication flaw (CVE-2025-24976) affects registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token auth enabled. The root cause: JWT JWK verification accepts a header with a certificate chainless JWK but only validates the KeyID against trusted keys, not the actual key...