6655 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the ppp_hdlc function in print-ppp.c in tcpdump 4.6.2 and earlier allows remote attackers to cause a denial of service crash via a crafted PPP...
Linux Distros Unpatched Vulnerability : CVE-2020-13956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.UR...
Linux Distros Unpatched Vulnerability : CVE-2017-7747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was address...
Linux Distros Unpatched Vulnerability : CVE-2015-0294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. CVE-2015-0294 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2016-4964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop,...
Linux Distros Unpatched Vulnerability : CVE-2012-5088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect...
Linux Distros Unpatched Vulnerability : CVE-2017-7394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 Note that...
Linux Distros Unpatched Vulnerability : CVE-2019-10894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring th...
Linux Distros Unpatched Vulnerability : CVE-2018-19661
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2018-20855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized,...
Linux Distros Unpatched Vulnerability : CVE-2016-3074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute...
Linux Distros Unpatched Vulnerability : CVE-2016-7875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class...
Linux Distros Unpatched Vulnerability : CVE-2016-7946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libXi before 1.7.7 allows remote X servers to cause a denial of service infinite loop via vectors involving length fields. CVE-2016-7946 Note that Nessus...
prometerre.ch Cross Site Scripting vulnerability OBB-4031907
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2025-25303
Summary: CVE-2025-25303 describes a Server-Side Request Forgery (SSRF) in the MouseTooltipTranslator Chrome extension. The issue stems from the pdf.mjs script, which uses the URL parameter from the current URL as the target file to download and display. Since pdf.mjs is imported by viewer.html an...
CVE-2025-25303 Server-Side Request Forgery (SSRF) in MouseTooltipTranslator
The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user...
Linux Distros Unpatched Vulnerability : CVE-2010-0308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a...
mail.siicsalud.com Cross Site Scripting vulnerability OBB-4030848
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Defense Lessons From the Black Basta Ransomware Playbook
The cybersecurity world was rocked last week by a massive leak of Black Basta’s internal communications that emerged from the group’s chat logs. Triggered by internal conflicts and a retaliatory data dump following attacks on Russian banks, the exposed records offer a rare glimpse into Black...
Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...