3037 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-42105
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix inode number range checks Patch series nilfs2: fix potential issues related to reserved inodes. This series fixes one use-after-free issue reported ...
CVE-2025-30027
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-3892
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...
CVE-2025-3892
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...
CVE-2025-3892
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...
CVE-2025-30027
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-30027
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-30027
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-30027
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...
CVE-2025-30027
CVE-2025-30027 affects Axis devices via insufficient input validation in ACAP configuration files, enabling arbitrary code execution. Exploitation requires the device to allow unsigned ACAP apps and a user to install a malicious ACAP application. Impact: high on confidentiality, integrity, and av...
CVE-2025-3892
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...
CVE-2025-3892
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...
CVE-2025-3892
CVE-2025-3892 concerns Axis devices running ACAP; the issue allows elevated privileges when an Axis device is configured to allow unsigned ACAP applications and a malicious ACAP app is installed after user trickery. The CVSS details indicate LOCAL exploitation with HIGH privileges required, high ...
PT-2025-32626 · Axis · Axis
Name of the Vulnerable Software and Affected Versions: Axis affected versions not specified Description: ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This issue can only be exploited if the Axis device is configured to allow the...
PT-2025-32625 · Axis · Axis
Name of the Vulnerable Software and Affected Versions: Axis affected versions not specified Description: An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This issue can only be exploited if the Axis device is configured to allow the...
Linux Distros Unpatched Vulnerability : CVE-2023-29532
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB...
Authentication Bypass
Node-SAML is vulnerable to Authentication Bypass. The vulnerability is due to improper signature verification because the library loads assertions from the unsigned original response document instead of the signed portion, allowing attackers with a validly signed document to alter authentication...
Linux Distros Unpatched Vulnerability : CVE-2022-49870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. T...
Linux Distros Unpatched Vulnerability : CVE-2022-49964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fwlevel Though acpifindlastcachelevel always returned signed value and the document...
Linux Distros Unpatched Vulnerability : CVE-2021-35039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIGMODULESIG, verification that a kernel...