18 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-9955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2024-56704
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 9p/xen: fix release of IRQ Kernel logs indicate an IRQ was double-freed. Pass correct device ID during IRQ release. Dominique: remove confusing variable reset t...
Linux Distros Unpatched Vulnerability : CVE-2020-25219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite...
Linux Distros Unpatched Vulnerability : CVE-2024-42322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: properly dereference pe in ipvsaddservice Use pe directly to resolve sparse warning: net/netfilter/ipvs/ipvsctl.c:1471:27: warning: dereference of noderef...
Linux Distros Unpatched Vulnerability : CVE-2023-52814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential null pointer derefernce The amdgpurasgetcontext may return NULL if...
Linux Distros Unpatched Vulnerability : CVE-2023-26554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, b...
Linux Distros Unpatched Vulnerability : CVE-2023-38572
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safa...
Linux Distros Unpatched Vulnerability : CVE-2024-27065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: do not compare internal table flags on updates Restore skipping...
Linux Distros Unpatched Vulnerability : CVE-2023-52908
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL dereference Fix potential NULL dereference, in the case when...
Linux Distros Unpatched Vulnerability : CVE-2024-42281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix a segment issue when downgrading gsosize Linearize the skb when downgrading gsosize because it may trigger a BUGON later when the skb is segmented as...
Linux Distros Unpatched Vulnerability : CVE-2022-49630
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reade...
Linux Distros Unpatched Vulnerability : CVE-2024-27404
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remoteid Similar to the previous patch, address the data race on...
Linux Distros Unpatched Vulnerability : CVE-2014-8155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a...
Linux Distros Unpatched Vulnerability : CVE-2017-6464
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service ntpd crash via a malformed mode configuration directive...
Linux Distros Unpatched Vulnerability : CVE-2019-8503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.1...
Linux Distros Unpatched Vulnerability : CVE-2017-9116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash. CVE-2017-9116 Note that Nessus relies...
Linux Distros Unpatched Vulnerability : CVE-2017-9151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the pnmloadascii function in input-pnm.c:303:12. CVE-2017-9151 Note that Nessus relies on...
Linux Distros Unpatched Vulnerability : CVE-2016-6509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote...