19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17712
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rawsendmsg function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet-hdrincl that leads to uninitialized stack pointer usag...
Linux Distros Unpatched Vulnerability : CVE-2019-17017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could ...
Linux Distros Unpatched Vulnerability : CVE-2025-38329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: csdsp: Fix OOB memory read access in KUnit test wmfw info KASAN reported out of bounds access - csdspmockwmfwaddinfo, because the source string length...
Linux Distros Unpatched Vulnerability : CVE-2022-46648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a...
Linux Distros Unpatched Vulnerability : CVE-2024-29162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HGread, resulting in denial of service or potential code execution. CVE-2024-29162 Note...
Linux Distros Unpatched Vulnerability : CVE-2022-42885
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use of uninitialized pointer vulnerability exists in the GRO format res functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted...
Linux Distros Unpatched Vulnerability : CVE-2022-49239
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing ofnodeput in wcd934xcodecparsedata The devicenode pointer...
Linux Distros Unpatched Vulnerability : CVE-2013-1680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6,...
Linux Distros Unpatched Vulnerability : CVE-2019-8666
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2,...
Linux Distros Unpatched Vulnerability : CVE-2014-9029
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers t...
Linux Distros Unpatched Vulnerability : CVE-2016-1181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute...
Linux Distros Unpatched Vulnerability : CVE-2017-7555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted...
Linux Distros Unpatched Vulnerability : CVE-2015-6836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SoapClient call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows...
Linux Distros Unpatched Vulnerability : CVE-2014-9114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. CVE-2014-9114 Note that Nessus relies on the presence of the package as report...
Linux Distros Unpatched Vulnerability : CVE-2014-1338
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service memory...
Linux Distros Unpatched Vulnerability : CVE-2019-8596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1,...
Static Code Injection in collectiveaccess/pawtucket2
Description This is with reference to another SSRF report I made https://huntr.dev/bounties/43505ece-7d5e-44b8-a7a3-69bd42d0ad02/ in which the fix was to filter external src from images. Pawtucket2 makes use of the same code as Providence to filter HTML, however it does not include the new fix...
intothewild.eventsityb.com XSS vulnerability
Vulnerable URL: http://intothewild.eventsityb.com/infomaxim/auroradataindexdynamic.asp?label=Orders==0=auroraassets=AssetsLibrary"' /Style=position:fixed;top:0;left:0;font-size:999px; /Onmouseenter=confirmOPENBUGBOUNTY //=Matrix= Details: Description| Value ---|--- Patched:| No Latest check for...
Prozilla <= 1.3.7.3 - Remote Format String Exploit
No description provided by source. / ...\ \ /--..... .::.:/ / \ :.::. .::::./ / / |/ .::::. / / | \ \ / / .\\ / . . . ..::.... Electronic Souls ....::.. - Prozilla vs. Gentoo Security round 2 !@ Sometime ago there was a private exploit for Prozilla and due to some kiddo who randomly 0wned...