541 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Linux Distros Unpatched Vulnerability : CVE-2026-23155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix error message Sinc commit 79a6d1bfe114 can: gsusb:...
Linux Distros Unpatched Vulnerability : CVE-2026-23034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer...
Linux Distros Unpatched Vulnerability : CVE-2023-53994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ionic: remove WARNON to prevent paniconwarn Remove unnecessary early code development check and the WARNON that it uses. The irq alloc and free paths have long...
Linux Distros Unpatched Vulnerability : CVE-2025-12428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium securit...
Linux Distros Unpatched Vulnerability : CVE-2025-12036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2025-10729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The module will parse a node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading to a use aft...
Linux Distros Unpatched Vulnerability : CVE-2025-11209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL ba...
Linux Distros Unpatched Vulnerability : CVE-2022-50407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos...
Linux Distros Unpatched Vulnerability : CVE-2025-26526
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Separate Groups mode restrictions were not factored into permission checks before allowing viewing or deletion of responses in Feedback activities. CVE-2025-265...
Linux Distros Unpatched Vulnerability : CVE-2016-8286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security...
Linux Distros Unpatched Vulnerability : CVE-2025-9375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML Injection vulnerability in xmltodict allows Input Data Manipulation. This issue affects xmltodict: from 0.14.2 before 0.15.1. NOTE: the scope of this CVE is...
Linux Distros Unpatched Vulnerability : CVE-2024-43428
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - To address a cache poisoning risk in Moodle, additional validation for local storage was required. CVE-2024-43428 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2020-13287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to...
Linux Distros Unpatched Vulnerability : CVE-2020-13324
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the private activity of a user could be exposed via the API...
Linux Distros Unpatched Vulnerability : CVE-2023-41915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code...
Linux Distros Unpatched Vulnerability : CVE-2023-37154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - checkbyssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been...
Linux Distros Unpatched Vulnerability : CVE-2023-0415
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file CVE-2023-0415 No...
Linux Distros Unpatched Vulnerability : CVE-2023-5061
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions...
Linux Distros Unpatched Vulnerability : CVE-2022-21487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily...