4579 matches found
CVE-2025-2174
CVE-2025-2174 affects libzvbi up to 0.2.43. The vulnerability is in vbi_strndup_iconv_ucs2 (src/conv.c); manipulating src_length can trigger an integer overflow, with remote attack possibilities. Public exploit guidance exists. A fix is available in 0.2.44, and the patch ca1672134b3e2962cd392212c...
PT-2025-10847 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code (affected versions not specified). Description: The issue is related to an uncontrolled search path element that allows an authorized attacker to elevate privileges locally. There is no information provided about the estimated...
PT-2025-10850
Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified). Description: The issue allows remote attackers to execute arbitrary code and affect the system. It involves a relative path traversal in the Remote Desktop Client, enabling unauthorized...
PT-2025-17553 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026. Description: A stack overflow issue was discovered via the startTime and endTime parameters in the setParentalRules function. Recommendations: For TOTOLINK A810R version 4.1.2cu.5182 B20201026, as...
CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15
CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15. A patched version of the package is available...
CVE-2025-1497
A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. Lack of validation of LLM-generated output allows an attacker to execute arbitrary Python code. The vendor commented out the vulnerable line; further usage of the software requires uncommenting it and thus accepting t...
CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15
CVE-2025-22869 affecting package kubernetes for versions less than 1.28.4-15. A patched version of the package is available...
CVE-2025-27598
ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to...
Linux Distros Unpatched Vulnerability : CVE-2025-1149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the...
Linux Distros Unpatched Vulnerability : CVE-2024-49953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix crash caused by calling __xfrm_state_delete twice. The km.state is not checked in...
Linux Distros Unpatched Vulnerability : CVE-2025-1148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of...
Linux Distros Unpatched Vulnerability : CVE-2025-21682
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: ip li set dev eth0 xdp obj...
Linux Distros Unpatched Vulnerability : CVE-2024-35876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2024-35876 Note that Nessus relies on the presence of the packag...
Linux Distros Unpatched Vulnerability : CVE-2022-3554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...
Linux Distros Unpatched Vulnerability : CVE-2022-24785
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of...
Linux Distros Unpatched Vulnerability : CVE-2022-23833
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could...
Linux Distros Unpatched Vulnerability : CVE-2024-36844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) vi...
Linux Distros Unpatched Vulnerability : CVE-2023-27538
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH...
Linux Distros Unpatched Vulnerability : CVE-2023-25577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts,...
Linux Distros Unpatched Vulnerability : CVE-2022-2125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-2125 Note that Nessus relies on the presence of the package as reported by the...