Linux Distros Unpatched Vulnerability : CVE-2023-40546

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Shim when an error happened while creating a new ESL variable. If Shim fails to create the new variable, it tries to print an error message ...

Linux Distros Unpatched Vulnerability : CVE-2017-17522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allo...

Linux Distros Unpatched Vulnerability : CVE-2018-18249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the...

Linux Distros Unpatched Vulnerability : CVE-2017-17524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allo...

Linux Distros Unpatched Vulnerability : CVE-2017-17518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, whi...

Linux Distros Unpatched Vulnerability : CVE-2017-17526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program specified by the BROWSER environment variable, which might allo...

Linux Distros Unpatched Vulnerability : CVE-2017-17529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - af/util/xp/utgofile.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might all...

Linux Distros Unpatched Vulnerability : CVE-2022-2229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an...

Linux Distros Unpatched Vulnerability : CVE-2017-17515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...

Linux Distros Unpatched Vulnerability : CVE-2017-17517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...

Linux Distros Unpatched Vulnerability : CVE-2017-17511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to...

kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw

In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40eclearhw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the...

CVE-2025-5352

A critical stored Cross-Site Scripting XSS vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXTPUBLICCUSTOMSCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This...

Linux Distros Unpatched Vulnerability : CVE-2016-1000107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data...

Linux Distros Unpatched Vulnerability : CVE-2017-17531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...

Linux Distros Unpatched Vulnerability : CVE-2017-17519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batteriesConfig.mlp in OCaml Batteries Included aka ocaml-batteries 2.6 does not validate strings before launching the program specified by the BROWSER...

Fedora 41 : toolbox (2025-ab370b9ac9)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ab370b9ac9 advisory. Security fixes Bumped the minimum github.com/go-viper/mapstructure/v2 version to 2.3.0 for GHSA-fv92-fjc5-jj9h or GO-2025-3787 Bumped the minimum...

Linux Distros Unpatched Vulnerability : CVE-2017-17530

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote...

CVE-2025-5352

A critical stored Cross-Site Scripting XSS vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXTPUBLICCUSTOMSCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This...

CVE-2025-5352

A critical stored Cross-Site Scripting XSS vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXTPUBLICCUSTOMSCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This...