7 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-24358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services. Prior to 1.7.2, gorilla/csrf does not validate t...
PT-2023-24807 · Intel · Intel Simics Simulator
Name of the Vulnerable Software and Affected Versions: Intel(R) Simics Simulator versions prior to 1.7.2 Description: The issue is related to insecure inherited permissions in the software, which may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2021-24229
The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. This AJAX hook is used to update the pledge level required by Patreon subscribers to access a given attachment. This action is...
qemu: hpet: buffer overrun on invalid state load
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers...
qemu: virtio: insufficient validation of num_sg when mapping
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
qemu: virtio: out-of-bounds buffer write on state load with invalid config_len
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image...
qemu: virtio: out-of-bounds buffer write on invalid state load
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...