541 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Linux Distros Unpatched Vulnerability : CVE-2026-23155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix error message Sinc commit 79a6d1bfe114 can: gsusb:...
Linux Distros Unpatched Vulnerability : CVE-2026-23034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer...
Linux Distros Unpatched Vulnerability : CVE-2023-53994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: remove WARNON to prevent paniconwarn Remove unnecessary early code development check and the WARNON that it uses. The irq alloc and free paths have long...
Linux Distros Unpatched Vulnerability : CVE-2025-12428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium securit...
Linux Distros Unpatched Vulnerability : CVE-2025-12036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2025-10729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use aft...
Linux Distros Unpatched Vulnerability : CVE-2025-11209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL ba...
Linux Distros Unpatched Vulnerability : CVE-2022-50407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos...
Linux Distros Unpatched Vulnerability : CVE-2025-9375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is...
Linux Distros Unpatched Vulnerability : CVE-2016-8286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security...
Linux Distros Unpatched Vulnerability : CVE-2025-26526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities. CVE-2025-265...
Linux Distros Unpatched Vulnerability : CVE-2024-43428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To address a cache poisoning risk in Moodle, additional validation for local storage was required. CVE-2024-43428 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2020-13324
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the private activity of a user could be exposed via the API...
Linux Distros Unpatched Vulnerability : CVE-2020-13287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to...
Linux Distros Unpatched Vulnerability : CVE-2023-41915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code...
Linux Distros Unpatched Vulnerability : CVE-2022-28463
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. CVE-2022-28463 Note that Nessus relies on the presence of the package as reported by the vendor. File dat...
Linux Distros Unpatched Vulnerability : CVE-2023-46303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - linktolocalpath in ebooks/conversion/plugins/htmlinput.py in calibre before 6.19.0 can, by default, add resources outside of the document root. CVE-2023-46303...
Linux Distros Unpatched Vulnerability : CVE-2022-2907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all version...
Linux Distros Unpatched Vulnerability : CVE-2017-16119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is...