2768 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-29129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length...
Linux Distros Unpatched Vulnerability : CVE-2017-8924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The edgebulkincallback function in drivers/usb/serial/ioti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information in the dmesg...
Linux Distros Unpatched Vulnerability : CVE-2018-14035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VMmemcpyvv in H5VM.c. CVE-2018-14035 Note that...
Linux Distros Unpatched Vulnerability : CVE-2018-21010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenJPEG before 2.3.1 has a heap buffer overflow in colorapplyiccprofile in bin/common/color.c. CVE-2018-21010 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2013-0787
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x...
Linux Distros Unpatched Vulnerability : CVE-2017-12692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service memory consumption via a crafted VIFF...
Linux Distros Unpatched Vulnerability : CVE-2015-2155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors...
Linux Distros Unpatched Vulnerability : CVE-2017-6502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file- descriptor leak in libmagickcore thus, a DoS. CVE-2017-6502 No...
Linux Distros Unpatched Vulnerability : CVE-2017-11360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1 has a large loop vulnerability via a crafted rle file that triggers a huge numberpixels value...
castleparadox.com Cross Site Scripting vulnerability OBB-4031617
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2025-35541
Name of the Vulnerable Software and Affected Versions Qualcomm Multi-Mode Call Processor affected versions not specified Qualcomm Snapdragon chips affected versions not specified Description A memory corruption issue exists when selecting the PLMN Public Land Mobile Network from the SOR Serving a...
Linux Distros Unpatched Vulnerability : CVE-2007-6761
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobufmapping data structures, which allows local users to trigge...
Important Photon OS Security Update - PHSA-2025-5.0-0481
Updates of 'grub2' packages of Photon OS have been released...
CVE-2025-21782 orangefs: fix a oob in orangefs_debug_write
In the Linux kernel, the following vulnerability has been resolved: orangefs: fix a oob in orangefsdebugwrite I got a syzbot report: slab-out-of-bounds Read in orangefsdebugwrite... several people suggested fixes, I tested Al Viro's suggestion and made this patch...
CVE-2024-52559 drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msmioctlgemsubmit The "submit-cmdi.size" and "submit-cmdi.offset" variables are u32 values that come from the user via the submitlookupcmds function. This addition could lead to an integer...
CVE-2024-57977
CVE-2024-57977 is a Linux kernel vulnerability in memcg where the OOM task traversal could cause a soft lockup when thousands of processes reside in the OOM cgroup. The issue arises from scanning OOM tasks for each memory pressure event, delaying the watchdog handling. The documented fix adds a r...
CVE-2022-49720
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
CVE-2022-49708
CVE-2022-49708 affects the Linux kernel ext4 file system (mballoc allocator). The issue is triggered by a BUG_ON path in ext4_mb_use_inode_pa during disk space accounting, leading to a kernel crash when fsync/writeback paths exercise preallocation and inode pa blocks. Reproduction steps involve c...
CVE-2022-49201 ibmvnic: fix race between xmit and reset
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead to ibmvnicxmit accessing an scrq after it has been freed in the reset path. It can result in a crash like: Kernel attempt...
CVE-2022-49085 drbd: Fix five use after free bugs in get_initial_state
In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...