1070 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17081
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause...
Linux Distros Unpatched Vulnerability : CVE-2019-13962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly...
CVE-2025-48168
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS. This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...
libvpx: Integer overflow in vpx_img_alloc()
A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...
CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS. This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...
CVE-2025-48168
CVE-2025-48168 applies to the WordPress plugin Apollo - Sticky Full Width HTML5 Audio Player. It describes a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected software/version: Apollo - Sticky Full Width HTML5 Audio ...
PT-2025-46745
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's pwm subsystem, specifically within the berlin driver. An incorrect register was being used during suspend and resume operations. The driver was...
CVE-2025-38516
In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a...
Linux Distros Unpatched Vulnerability : CVE-2023-53156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments. CVE-2023-53156 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2018-7713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure...
Linux Distros Unpatched Vulnerability : CVE-2022-3775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When rendering certain Unicode sequences, grub2's font code doesn't properly validate if the informed glyph's width and height is constrained within bitmap size. ...
CVE-2025-38516
CVE-2025-38516 is a Linux kernel vulnerability in the pinctrl/qcom/msm subsystem. The issue arises when certain pins are registered as IRQ-capable on platforms where intr_detection_width is not 1 or 2, enabling a user-space trigger that can cause a BUG() in msm_gpio_irq_set_type() and potentially...
CVE-2025-38516 pinctrl: qcom: msm: mark certain pins as invalid for interrupts
In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a...
CVE-2025-38509
Summary of CVE-2025-38509 (Linux kernel, wifi/mac80211): A vulnerability in VHT mode notifications for sub-20 MHz channel widths (notably 5/10 MHz) could lead to invalid input reaching ieee80211_chan_width_to_rx_bw(), triggering a WARN_ON. The issue arises when VHT opmode_notif is used and unsupp...
Malicious code in test-mlw2-thees-width (npm)
The package test-mlw2-thees-width was found to contain malicious code...
MAL-2025-36438 Malicious code in test-mlw2-thees-width (npm)
The package test-mlw2-thees-width was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2021-47044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in load_balance() Syzbot reported a handful of occurrences...
Medium: libvpx
Issue Overview: VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. CVE-2023-44488 A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. ...