4114 matches found
CVE-2025-30110
On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's pairing mechanism relies solely on MAC address verification, allowing an attacker to bypass authentication by spoofing an already-paired MAC address that can be captured via an ARP scan...
Exploit for Path Traversal in Gibbonedu Gibbon
CVE-2023-34598 - Gibbon v25.0.0 LFI Exploit This repository c...
Creating Scripts to Identify Vulnerable SSH Servers
This whitepaper covers how to create Nmap scripts to identify banners and versions of SSH servers. It also covers methods to mitigate the public visibility of banners and version information on SSH servers. Written in Portuguese...
kernel: scsi: megaraid_sas: Fix for a potential deadlock
In the Linux kernel, the following vulnerability has been resolved: scsi: megaraidsas: Fix for a potential deadlock This fixes a 'possible circular locking dependency detected' warning CPU0 CPU1 ---- ---- lock&instance-resetmutex; lock&shost-scanmutex; lock&instance-resetmutex;...
picklescan 数据伪造问题漏洞
picklescan is a security scanning program by the individual developer Matthieu Maitre. A data forgery issue vulnerability exists in versions of picklescan prior to 0.0.23, which stems from an inability to detect a malicious pickle file with a modified ZIP file header, which could lead to arbitrar...
Linux Distros Unpatched Vulnerability : CVE-2024-50304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelfind The per-netns IP tunnel hash table is protected by the RTNL mutex and iptunnelfind is only call...
Linux Distros Unpatched Vulnerability : CVE-2024-57982
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: state: fix out-of-bounds read during lookup lookup and resize can run in parallel. The xfrmstatehashgeneration seqlock ensures a retry, but the hash...
Linux Distros Unpatched Vulnerability : CVE-2024-49994
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blkioctldiscar...
Linux Distros Unpatched Vulnerability : CVE-2024-27434
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK The firmware doesn't need the MFP fla...
Linux Distros Unpatched Vulnerability : CVE-2024-46748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cachefiles: Set the max subreq size for cache writes to MAXRWCOUNT Set the maximum size of a subrequest that writes to cachefiles to be MAXRWCOUNT so that we...
Linux Distros Unpatched Vulnerability : CVE-2022-49060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix NULL pointer dereference in smcpnetfindib devname was called with dev.parent as...
Linux Distros Unpatched Vulnerability : CVE-2022-49404
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a...
Linux Distros Unpatched Vulnerability : CVE-2021-45115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in...
Linux Distros Unpatched Vulnerability : CVE-2024-35905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection...
Linux Distros Unpatched Vulnerability : CVE-2022-49408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in parseapplysbmountoptions If processing the on-disk mount options...
Linux Distros Unpatched Vulnerability : CVE-2024-21047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easi...
Linux Distros Unpatched Vulnerability : CVE-2014-3505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote...
Linux Distros Unpatched Vulnerability : CVE-2017-9188
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a left shift ... cannot be represented in type int issue in input-bmp.c:516:63. CVE-2017-9188 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2017-10268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.57 and earlier, 5.6....
GHSA-HW34-RQC5-H2GM Duplicate Advisory: Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-769v-p64c-89pr. This link is maintained to preserve external references. Original Description picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An...