49149 matches found
Gogs <= 0.13.3 - Remote Code Execution
Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...
Linux Distros Unpatched Vulnerability : CVE-2026-61465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can...
Linux Distros Unpatched Vulnerability : CVE-2026-61857
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious...
Linux Distros Unpatched Vulnerability : CVE-2026-61861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory...
Linux Distros Unpatched Vulnerability : CVE-2026-50810
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in smoothparsestreamindex in src/mediatools/mpd.c in GPAC master HEAD before commit b35c61f104b85fbb16520ac2838d5d2ef70845b5 allows...
Linux Distros Unpatched Vulnerability : CVE-2026-15028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue...
Linux Distros Unpatched Vulnerability : CVE-2026-56288
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file...
Linux Distros Unpatched Vulnerability : CVE-2026-59831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitHub CLI gh is GitHub's official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow comman...
Linux Distros Unpatched Vulnerability : CVE-2026-38076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...
Linux Distros Unpatched Vulnerability : CVE-2026-14741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libhttp-date-perl - None Ubuntu Linux - Unknown description CVE-2026-14741 Note that Nessus relies on the presence of the package as reported by...
Linux Distros Unpatched Vulnerability : CVE-2026-56289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A...
Linux Distros Unpatched Vulnerability : CVE-2026-45309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - python-asyncssh - None Ubuntu Linux - Unknown description CVE-2026-45309 Note that Nessus relies on the presence of the package as reported by th...
Linux Distros Unpatched Vulnerability : CVE-2026-59856
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or...
Linux Distros Unpatched Vulnerability : CVE-2026-55195
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's...
Linux Distros Unpatched Vulnerability : CVE-2026-12590
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: In body-parser versions prior to 1.20.6 1.x line and 2.3.0 2.x line, when the parser is configured with an invalid limit option value such as an...
Linux Distros Unpatched Vulnerability : CVE-2026-15105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7server.cpp of the...
Linux Distros Unpatched Vulnerability : CVE-2026-55206
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo.read in...
Linux Distros Unpatched Vulnerability : CVE-2026-15308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The incremental HTML parser html.parser.HTMLParser allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontroll...
Linux Distros Unpatched Vulnerability : CVE-2026-15173
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service CVE-2026-15173 Note that Nessus relies on the presence of the package as reported ...
Linux Distros Unpatched Vulnerability : CVE-2026-50811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in FreeType 2.14.3 and versions before commit 5a280ecde6f324de0d226261036e736e0cb49a71 in src/truetype/ttgxvar.c, in...