12640 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-1934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Note that Nessus relies o...
Linux Distros Unpatched Vulnerability : CVE-2016-7074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter...
Linux Distros Unpatched Vulnerability : CVE-2023-52742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as...
CVE-2025-5095
Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the device. A password change request can be sent directly to the device's HTTP endpoint without providing valid credentials. The system does not enforc...
Linux Distros Unpatched Vulnerability : CVE-2024-27044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10setoutputtransferfunc' The...
Linux Distros Unpatched Vulnerability : CVE-2024-35984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: i2c: smbus: fix NULL function pointer dereference Baruch reported an OOPS when using the...
Linux Distros Unpatched Vulnerability : CVE-2020-1935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some...
CVE-2025-8758
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...
CVE-2025-8758 TRENDnet TEW-822DRE vsftpd least privilege violation
A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The...
Linux Distros Unpatched Vulnerability : CVE-2025-38229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: cxusb: no longer judge rbuf when the write fails syzbot reported a uninit-value in cxusbi2cxfer. 1 Only when the write operation of usbbulkmsg in...
CVE-2025-50927
A reflected cross-site scripting XSS vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter...
CVE-2025-53520
The affected product allows firmware updates to be downloaded from EG4's website, transferred via USB dongles, or installed through EG4's Monitoring Center remote, cloud-connected interface or via a serial connection, and can install these files without integrity checks. The TTComp archive format...
CVE-2025-50927
CVE-2025-50927 concerns EHCP v20.04.1.b where the List All FTP User Function is vulnerable to reflected XSS via the ftpusername parameter. Authenticated attackers can inject JavaScript, potentially enabling session hijacking or redirection to malicious sites. Public writeups describe the vulnerab...
PT-2025-32385 · Ehcp · Ehcp
Name of the Vulnerable Software and Affected Versions: EHCP version 20.04.1.b Description: A reflected cross-site scripting XSS vulnerability exists in the List All FTP User Function. Authenticated attackers can execute arbitrary JavaScript by injecting a crafted payload into the ftpusername...
CLSA-2025-1754552669 kernel: Fix of 12 CVEs
net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - idpf: fix null-ptr-deref in idpffeaturescheck CVE-2025-38053 - ftrace: Fix NULL pointer dereference in isftracetrampoline when ftrace is dead CVE-2022-49977 - sched/fair: Fix potential memory corruption in...
dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
...
net: atm: fix /proc/net/atm/lec handling
...
[SECURITY] Fedora 41 Update: libssh-0.11.2-1.fc41
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
Akamai Ghost 环境问题漏洞
Akamai Ghost is an HTTP service program from Akamai Corporation. An environmental issue vulnerability exists in versions of Akamai Ghost prior to 2025-03-26, which stems from inconsistent parsing of HTTP requests and could lead to a request entrapment attack...
PT-2025-32330 · Burk Technology · Arc Solo
Name of the Vulnerable Software and Affected Versions: Burk Technology ARC Solo affected versions not specified Description: The password change mechanism in Burk Technology ARC Solo does not require proper authentication, potentially allowing an attacker to take over the device. A password chang...