MiracleLinux 3 : kvm-83-224.0.1.AXS3 (AXSA:2011-250:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-250:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

CVE-2025-30992

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Puca puca allows PHP Local File Inclusion.This issue affects Puca: from n/a through = 2.6.33...

CVE-2025-30992

CVE-2025-30992 is a Local File Inclusion vulnerability in the WordPress theme Puca (thembay) up to version 2.6.33, allowing an unauthenticated attacker to include arbitrary PHP files via file name handling in include/require. The issue is rated high (CVSS 3.1: 8.1) with potential impact to confid...

WordPress plugin Puca 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

GSD-2023-1000370 net/9p: Fix a potential socket leak in p9_socket_open

net/9p: Fix a potential socket leak in p9socketopen This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.301 by commit...

PT-2023-33245 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.33 through 5.15.81 Description: The issue concerns the removal of used dynamic events, which may lead to the freeing of buffers. This problem was introduced in version v2.6.33 and is fixed in version v5.15.82...

GSD-2022-1001502 mxser: fix xmit_buf leak in activate when LSR == 0xff

mxser: fix xmitbuf leak in activate when LSR == 0xff This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.19 by commit...

PT-2015-1942 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 2.3.1 Linux kernel versions prior to 2.6.33 Description: The issue is caused by a buffer overflow in the pit ioport read function of the QEMU emulator, which does not properly distinguish between read lengths and write...

PT-2013-5083 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.33 Description: The issue is related to multiple stack-based buffer overflows in the Linux kernel. These overflows occur in the ip vs ctl.c file when CONFIG IP VS is used, allowing local users with the CAP N...

[Auto Rooting v 1.0] Local root [2010 - 2011 - 2012]

Auto Rooting: 2.6.32-46-2011 2.6.37 2.6.33 2.6.18-164-2010 2.6.18-194 2.6.18-6-x86-2011 2.6.18-164 2.6.18-274-2011 2.6.28-2011 etc... CLICK HERE FOR LOGIN TO ARCHIVE Download Auto Rooting v 1.0...

Портирование эксплойта ACPI custom_method.

Наткнулся недавно на упоминание декабрьского эксплойта Jon Oberheide. В качестве челленджа задался идеей портировать этот эксплойт. Первоначальный эксплойт работает только на ноутбуках где есть LID ACPI девайс состояния крышки и исключительно на 64-битных системах. Задача: портировать эксплойт на...

Race condition

Race condition in the sctpicmpprotounreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service panic via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and...

kernel: dvb-core: DoS bug in ULE decapsulation code

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

linux/x86 - Disable randomize stack addresse - 106 bytes

Exploit for linux/x86 platform in category shellcode ======================================================== linux/x86 - Disable randomize stack addresse - 106 bytes ======================================================== / Title: Linux/x86 - Disable randomize stack addresse - 106 bytes Set...

CVE-2010-1086

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability

Exploit for linux platform in category local exploits ======================================================================= Linux Kernel 'fasynchelper' Local Privilege Escalation Vulnerability ======================================================================= Credit: Tavis Ormandy...

Design/Logic Flaw

The wakefutexpi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance PI futex, which allows local users to cause a denial of service OOPS and possibly have unspecified other impact via vectors involving...

kernel: create_elf_tables can leave urandom in a bad state

Use-after-free vulnerability in the fasynchelper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling OASYNC aka FASYNC or FIOASYNC on a locked file, and then closing this file...

CVE-2009-4141

Use-after-free vulnerability in the fasynchelper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling OASYNC aka FASYNC or FIOASYNC on a locked file, and then closing this file...