62 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-50201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix encoder-possibleclones Include the encoder itself in its possibleclones...
Linux Distros Unpatched Vulnerability : CVE-2022-49249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using...
Linux Distros Unpatched Vulnerability : CVE-2021-47383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program does an ioctl FBIOPUTVSCREENINFO passing the fbvarscreeninfo struc...
Linux Distros Unpatched Vulnerability : CVE-2024-47709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after removeprocentry. syzbot reported a warning in bcmreleas...
Linux Distros Unpatched Vulnerability : CVE-2021-47633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ath5k: fix OOB in ath5keepromreadpcalinfo5111 The bug was found during fuzzing. Stacktrace locates it in ath5keepromconvertpcalinfo5111. When none of the curve ...
Linux Distros Unpatched Vulnerability : CVE-2022-49071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails,...
Linux Distros Unpatched Vulnerability : CVE-2017-12617
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the...
Linux Distros Unpatched Vulnerability : CVE-2020-9802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10...
Linux Distros Unpatched Vulnerability : CVE-2016-10713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead to DoS via a crafted input file...
Linux Distros Unpatched Vulnerability : CVE-2016-5424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the...
Linux Distros Unpatched Vulnerability : CVE-2019-13636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. CVE-2019-13636 Note...
Linux Distros Unpatched Vulnerability : CVE-2018-1000156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITORPROGRAM invocation using ed can result in...
Linux Distros Unpatched Vulnerability : CVE-2012-1033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query...
Azure Linux 3.0 Security Update: kernel (CVE-2024-42072)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42072 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix maygoto with negative offset...
CVE-2024-20149
CVE-2024-20149 affects the Modem component, with an input validation flaw that can cause a remote denial of service (no privileges, no user interaction needed). The vulnerability is associated with a network-based attack vector and a high impact on availability (CVSS 3.1 base score 7.5). Affected...
Cisco NX-OS Improper Verification of Cryptographic Signature (CVE-2017-12331)
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX- OS signature verification for software patches. An authenticated, local attacker could exploit...
CVE-2024-20101
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602...
CVE-2024-35184 paperless-ngx's remote user auth via header works even when disabling it for API
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the...
CVE-2024-28234 Contao has insufficient BBCode sanitizer
Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. A...
BIT-JUPYTER-NOTEBOOK-2022-29238 Forced Browsing in Jupyter Notebook
Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...