Linux Distros Unpatched Vulnerability : CVE-2026-27851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be...

CVE-2025-14977

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the /wp-json/dokan/v1/settings REST API endpoint due to missing validation on a...

CVE-2025-14977 Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Insecure Direct Object Reference to PayPal Account Takeover and Sensitive Information Disclosure

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the /wp-json/dokan/v1/settings REST API endpoint due to missing validation on a...

CVE-2025-14977

Dokan (WordPress Dokan Lite)

CVE-2025-68474

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

EUVD-2025-29359

Malicious code in bioql PyPI...

CVE-2025-9808 The Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Information Disclosure

The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues...

Linux Distros Unpatched Vulnerability : CVE-2022-50235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on th...

Linux Distros Unpatched Vulnerability : CVE-2016-1781

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified...

Linux Distros Unpatched Vulnerability : CVE-2020-14322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yuicombo needed to limit the amount of files it can load to help mitigate the risk of denial of service...

PT-2025-36403

Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0 Description: A security flaw has been discovered that allows for cross site scripting through the manipulation of the scripts argument. The issue affects the processing of the file...

Linux Distros Unpatched Vulnerability : CVE-2023-1402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The course participation report required additional checks to prevent roles being displayed which the user did not have access to view. CVE-2023-1402 Note that...

Linux Distros Unpatched Vulnerability : CVE-2023-50471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSONInsertItemInArray at cJSON.c. CVE-2023-50471 Note that Nessus relies on t...

Linux Distros Unpatched Vulnerability : CVE-2021-39875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint...

Linux Distros Unpatched Vulnerability : CVE-2022-46705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macO...

Linux Distros Unpatched Vulnerability : CVE-2019-6439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - examples/benchmark/tlsbench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow. CVE-2019-6439 Note that Nessus relies on the...

Linux Distros Unpatched Vulnerability : CVE-2021-22188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in Gitlab were readable by an unauthorised user via...

Linux Distros Unpatched Vulnerability : CVE-2019-18936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UniValue::read in UniValue before 1.0.5 allow attackers to cause a denial of service the class internal data reaches an inconsistent state via input data that...

Linux Distros Unpatched Vulnerability : CVE-2025-45333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - berkeley-abc abc 1.1 contains a Null Pointer Dereference NPD vulnerability in the AbcNtkCecFraigPart function of its data processing module, leading to...

Linux Distros Unpatched Vulnerability : CVE-2024-6156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store. CVE-2024-6156 Not...