CVE-2025-54382
Cherry Studio is a desktop client that supports multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirecti...
ROOT-OS-ALPINE-319-CVE-2024-24806 CVE-2024-24806 in rootio-libuv - Patched by Root
Root has patched CVE-2024-24806 in the rootio-libuv package for Root:Alpine:3.19. Multiple fixed versions available...
CVE-2025-55150 Stirling-PDF SSRF vulnerability on /api/v1/convert/html/pdf
Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization...
BIT-PYTHON-MIN-2025-8194 Tarfile infinite loop during parsing with negative member offset
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...
Linux Distros Unpatched Vulnerability : CVE-2025-8176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file...
CVE-2025-5455 affecting package qtbase for versions less than 6.6.3-4
CVE-2025-5455 affecting package qtbase for versions less than 6.6.3-4. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2024-49573
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXT_BUDDY Adam reports that enabling NEXT_BUDDY insta triggers a WARN in...
Linux Distros Unpatched Vulnerability : CVE-2023-33250
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. CVE-2023-33250 Note that Nessus relies on the presence o...
Linux Distros Unpatched Vulnerability : CVE-2025-37850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config has a divide-by-zero in the following...
Linux Distros Unpatched Vulnerability : CVE-2025-37748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group Currently, mtk_iommu calls...
Linux Distros Unpatched Vulnerability : CVE-2022-50192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in tegra_slink_remove After calling spi_unregister_master, the...
Linux Distros Unpatched Vulnerability : CVE-2023-53047
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in...
Linux Distros Unpatched Vulnerability : CVE-2022-48916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMM...
Linux Distros Unpatched Vulnerability : CVE-2025-38070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: sma1307: Add NULL check in sma1307_setting_loaded All variables allocated by kzalloc and devm_kzalloc could be NULL. Multiple pointer checks and their cleanup...
Linux Distros Unpatched Vulnerability : CVE-2024-34030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: of_property: Return error for int_map allocation failure Return -ENOMEM from...
CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38115 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
CVE-2025-38220 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38220 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
Advisory ROSA-SA-2025-2953
PO: jose 14 WASP: ROSA-CHROME unaffected versions = jose-14-1 affected versions jose-14-1 CVE-ID: CVE-2023-50967 BDU-ID: 2024-02461 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the C language module for signing and encrypting JSON latchset Jose objects is associated with uncontrolled resource...
Linux Distros Unpatched Vulnerability : CVE-2024-40985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/tcp_ao: Don't leak ao_info on error-path It seems I introduced it together with...
Linux Distros Unpatched Vulnerability : CVE-2022-48973
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: amd8111: Fix PCI device reference count leak for_each_pci_dev is implemented by pci_get_device. The comment of pci_get_device says that it will increase the...