Linux Distros Unpatched Vulnerability : CVE-2019-14468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuCOBOL 2.2 has a buffer overflow in cbpushop in cobc/field.c via crafted COBOL source code. CVE-2019-14468 Note that Nessus relies on the presence of the...

Linux Distros Unpatched Vulnerability : CVE-2021-29471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In...

Linux Distros Unpatched Vulnerability : CVE-2024-5470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4 and from 17.1 prior to 17.1.2 where a Guest user with...

Linux Distros Unpatched Vulnerability : CVE-2023-30631

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server. The configuration option proxy.config.http.pushmethodenabled didn't...

Linux Distros Unpatched Vulnerability : CVE-2025-8264

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inje...

Linux Distros Unpatched Vulnerability : CVE-2019-9518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an...

Linux Distros Unpatched Vulnerability : CVE-2024-3653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the...

SUSE CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

AZL-73578 CVE-2025-38546 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-38546 atm: clip: Fix memory leak of struct clip_vcc.

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

CVE-2025-50861

The Lotus Cars Android app com.lotus.carsdomestic.intl 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse...

Linux Distros Unpatched Vulnerability : CVE-2023-0394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the syst...

Linux Distros Unpatched Vulnerability : CVE-2018-12387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes...

Malicious code in deploytool-git-push (npm)

The package deploytool-git-push was found to contain malicious code...

Malicious code in server-push-webpack-plugin (npm)

The package server-push-webpack-plugin was found to contain malicious code...

MAL-2025-33005 Malicious code in server-push-webpack-plugin (npm)

The package server-push-webpack-plugin was found to contain malicious code...

MAL-2025-18297 Malicious code in deploytool-git-push (npm)

The package deploytool-git-push was found to contain malicious code...

CVE-2025-50155

Access of resource using incompatible type 'type confusion' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...

CVE-2025-53725

Access of resource using incompatible type 'type confusion' in Windows Push Notifications allows an authorized attacker to elevate privileges locally...