7617 matches found
EUVD-2026-5382
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-71194
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
UBUNTU-CVE-2025-71194
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
CVE-2025-71194
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
TruConfirm: Autonomous, Agent-Led, Safe Exploit Validation for Real-World Risk Reduction
Key Takeaways CISOs still can’t answer the only question that matters: Is this exposure exploitable on this asset, in our production environment, against our controls, right now? The vulnerability firehose broke the old model: With 48,177 CVEs published in 2025, “critical” lists are too large to...
CVE-2026-0661
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-71194
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
EUVD-2025-206804
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
CVE-2025-71194 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
CVE-2025-71194
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
CVE-2025-71194 btrfs: fix deadlock in wait_current_trans() due to ignored transaction type
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...
PT-2026-6008
Name of the Vulnerable Software and Affected Versions Autodesk 3ds Max affected versions not specified Description A specially designed GIF file, when processed by Autodesk 3ds Max, can lead to a Stack-Based Buffer Overflow. An attacker could potentially use this to run code without permission...
Linux Distros Unpatched Vulnerability : CVE-2025-71194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocke...
PT-2026-6187
Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 2.0.74 Description Claude Code is an agentic coding tool affected by a Bash command validation flaw when parsing ZSH clobber syntax. This flaw allowed bypassing directory restrictions and writing files outside the...
CVE-2026-25129
PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as thei...
EulerOS Virtualization 2.10.1 : sudo (EulerOS-SA-2026-1147)
According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed user...
GHSA-4486-GXHX-5MG7 PsySH has Local Privilege Escalation via CWD .psysh.php auto-load
Summary PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as their CWD when launching PsySH, the attacker can trigger arbitrary code execution in the victim's context. When t...
PsySH has Local Privilege Escalation via CWD .psysh.php auto-load
Summary PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as their CWD when launching PsySH, the attacker can trigger arbitrary code execution in the victim's context. When t...
CVE-2026-25129
PsySH is a runtime developer console, interactive debugger, and REPL for PHP. Prior to versions 0.11.23 and 0.12.19, PsySH automatically loads and executes a .psysh.php file from the Current Working Directory CWD on startup. If an attacker can write to a directory that a victim later uses as thei...
Uncontrolled Search Path Element
Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element via the automatic loading and execution of .psysh.php from the current working directory during startup. An attacker can execute arbitrary code with the privileges of the victim process by placing a...