Linux Distros Unpatched Vulnerability : CVE-2024-26814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer ...

CVE-2024-26814 affecting package kernel for versions less than 5.15.176.3-3

CVE-2024-26814 affecting package kernel for versions less than 5.15.176.3-3. A patched version of the package is available...

Ubuntu: Security Advisory (USN-6898-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6817-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-5658-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...

CVE-2024-26814 vfio/fsl-mc: Block calling interrupt handler without trigger

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...

CVE-2022-26814

creationtimestamp| type| source ---|---|--- 2022-04-15 22:34:00+00:00| seen| https://t.me/cibsecurity/40954...

CVE-2022-26814

Windows DNS Server Remote Code Execution Vulnerability...

CVE-2022-26814

Windows DNS Server Remote Code Execution Vulnerability...

CVE-2022-26814

Technical details about CVE-2022-26814 (Windows DNS Server RCE) are not publicly provided in the connected documents. The CVE appears alongside DNS-related fixes in Microsoft updates, but explicit affected versions, root cause, or patch information is not present here.

KB5012670: Windows 8.1 and Windows Server 2012 R2 Security Update (April 2022)

The remote Windows host is missing security update 5012639 or cumulative update 5012670. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-24474, CVE-2022-24481, CVE-2022-24494,...

Exploit for Path Traversal in Wazuh

CVE-2021-26814 A simple python PoC to exploit CVE-2021-2681...

Exploit for Path Traversal in Wazuh

CVE-2021-26814 A simple python PoC to exploit CVE-2021-2681...

CVE-2021-26814

creationtimestamp| type| source ---|---|--- 2021-03-06 07:48:06+00:00| seen| https://t.me/cibsecurity/24560 2021-05-22 02:23:34+00:00| seen| https://t.me/pwnwikizhchannel/487 2021-12-04 12:57:37+00:00| seen| https://t.me/BlueRedTeam/1268 2021-12-04 13:25:11+00:00| published-proof-of-concept|...

CVE-2021-26814

CVE-2021-26814 affects Wazuh API (versions 4.0.0–4.0.3); an authenticated user can trigger arbitrary code execution with admin privileges via the /manager/files API due to incomplete input validation. Public Red Hat and CVE trackers confirm the condition and references note a fixed release (4.0.4...

CVE-2020-26814

creationtimestamp| type| source ---|---|--- 2020-11-10 20:27:54+00:00| seen| https://t.me/cibsecurity/16113...

CVE-2020-26814

SAP Process Integration PGP Module - Business-to-Business Add On, version - 1.0, allows an attacker to read PGP Keys under certain conditions in the PGP Module of Business-to-Business Add-On, these keys can then be used to read messages processed by the module leading to Information Disclosure...

CVE-2020-26814

SAP Process Integration PGP Module - Business-to-Business Add On, version - 1.0, allows an attacker to read PGP Keys under certain conditions in the PGP Module of Business-to-Business Add-On, these keys can then be used to read messages processed by the module leading to Information Disclosure...

CVE-2020-26814

SAP Process Integration (PGP Module – Business-to-Business Add-On), version 1.0, contains an information-disclosure vulnerability that allows an attacker to read PGP Keys under certain conditions, which can then be used to read messages processed by the module. Root cause and exact exploitation d...