13716 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-0755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM- authenticated proxy connections, which might allow remote...
Linux Distros Unpatched Vulnerability : CVE-2014-9827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. CVE-2014-9827 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2017-7224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an...
Linux Distros Unpatched Vulnerability : CVE-2018-13866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5Faddrdecodelen in H5Fint.c. CVE-2018-13866 Not...
Linux Distros Unpatched Vulnerability : CVE-2015-8984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash...
Linux Distros Unpatched Vulnerability : CVE-2018-18384
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...
Linux Distros Unpatched Vulnerability : CVE-2017-16026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the...
Linux Distros Unpatched Vulnerability : CVE-2014-2894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART...
Linux Distros Unpatched Vulnerability : CVE-2017-13766
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in...
Linux Distros Unpatched Vulnerability : CVE-2020-16029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file...
Linux Distros Unpatched Vulnerability : CVE-2018-17794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in workstuffcopytofrom when...
Linux Distros Unpatched Vulnerability : CVE-2018-18873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function rasputdatastd in ras/rasenc.c. CVE-2018-18873 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2020-35914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of RwLockWriteGuard unsoundness. CVE-2020-35914 Note that Ness...
Linux Distros Unpatched Vulnerability : CVE-2021-0146
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hardware allows activation of test or debug logic at runtime for some IntelR processors which may allow an unauthenticated user to potentially enable escalation...
Linux Distros Unpatched Vulnerability : CVE-2017-18185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an...
Linux Distros Unpatched Vulnerability : CVE-2014-0189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virt-who uses world-readable permissions for /etc/sysconfig/virt-who, which allows local users to obtain password for hypervisors by reading the file...
Linux Distros Unpatched Vulnerability : CVE-2019-9638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in...
Linux Distros Unpatched Vulnerability : CVE-2017-3001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM...
Linux Distros Unpatched Vulnerability : CVE-2017-14735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of : to construct a javascript: URL. CVE-2017-14735 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2015-8393
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, a...