6646 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-14489
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveragi...
Linux Distros Unpatched Vulnerability : CVE-2015-0294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. CVE-2015-0294 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2014-0225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by...
Linux Distros Unpatched Vulnerability : CVE-2020-16022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially bypass firewall controls via a...
Linux Distros Unpatched Vulnerability : CVE-2018-14648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated...
Linux Distros Unpatched Vulnerability : CVE-2017-9200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a cannot be represented in type int issue in input-tga.c:528:63. CVE-2017-9200 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2016-3961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest OS users to cause a denial of...
Linux Distros Unpatched Vulnerability : CVE-2018-15537
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP...
Linux Distros Unpatched Vulnerability : CVE-2018-19661
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulawarray in ulaw.c that will lead to a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2016-7520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds read via a crafted HDR file...
Linux Distros Unpatched Vulnerability : CVE-2016-3074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute...
Linux Distros Unpatched Vulnerability : CVE-2016-7875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class...
Linux Distros Unpatched Vulnerability : CVE-2016-4964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mptsasfetchrequests function in hw/scsi/mptsas.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop,...
Linux Distros Unpatched Vulnerability : CVE-2016-2847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2020-11113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2016-9540
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka cpStripToTile...
Linux Distros Unpatched Vulnerability : CVE-2020-28949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ArchiveTar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack such as file:// to overwrite file...
Linux Distros Unpatched Vulnerability : CVE-2017-7394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 Note that...
Linux Distros Unpatched Vulnerability : CVE-2015-5199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAUDRIVER environment variable. CVE-2015-51...
Linux Distros Unpatched Vulnerability : CVE-2018-13153
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. CVE-2018-13153 Note that Nessus relies on the presence of...