CentOS Web Panel - OS Command Injection

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection vulnerability leading to root Remote Code Execution. id: CVE-2021-31324 info: name: CentOS Web Panel - OS Command Injection author: ritikchaddha severity: critical description: | The unprivileged user portal...

CentOS Web Panel - SQL Injection

The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter. id: CVE-2021-31316 info: name: CentOS Web Panel - SQL Injection author: ritikchaddha severity: critical description: | The unprivileged user portal part of CentOS Web Pane...

Centos Web Panel 0.9.8.480 - Local File Inclusion

Centos Web Panel version 0.9.8.480 suffers from local file inclusion vulnerabilities. Other vulnerabilities including cross-site scripting and remote code execution are also known to impact this version. id: CVE-2018-18323 info: name: Centos Web Panel 0.9.8.480 - Local File Inclusion author:...

CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution

CentOS Web Panel 7 before 0.9.8.1147 is susceptible to remote code execution via entering shell characters in the /login/index.php component. This can allow an attacker to execute arbitrary system commands via crafted HTTP requests and potentially execute malware, obtain sensitive information,...

pac-exploits-priv

CVE-2021-4034 PoC for PwnKit: Local Privilege Escalation Vulne...

CentOS 9 : coreutils-8.32-42.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the coreutils-8.32-42.el9 build changelog. - A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

Exploit for Out-of-bounds Write in Linux Linux_Kernel

本地提权 CVE-2026-46300 使用方式： CGOENABLED=0 go build -ldflag...

CentOS 9 : vim-8.2.2637-31.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the vim-8.2.2637-31.el9 build changelog. - arbitrary command execution via modeline sandbox bypass CVE-2026-34982 Note that Nessus has not tested for this issue but has instead relied only ...

CentOS 9 : kernel-5.14.0-710.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the kernel-5.14.0-710.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et....

CentOS 9 : vim-8.2.2637-29.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the vim-8.2.2637-29.el9 build changelog. - Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 Note that Nessus has not tested for this issue but has inste...

CentOS 9 : polkit-0.117-16.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the polkit-0.117-16.el9 build changelog. - A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the polkit-agent-helper-1...

CentOS 9 : rust-rpm-sequoia-1.10.2.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust- rpm-sequoia-1.10.2.1-1.el9 build changelog. - Update sequoia-openpgp to version 2.3.0. This includes three security relevant fixes assigned CVE-2026-42783, CVE-2026-42784, and...

CentOS 9 : openssl-3.5.5-3.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the openssl-3.5.5-3.el9 build changelog. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impa...

CentOS 9 : kernel-5.14.0-704.el9

"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-704.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series Fix stale...

CentOS 9 : glib2-2.68.4-20.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the glib2-2.68.4-20.el9 build changelog. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service ...

CentOS 9 : rsync-3.2.5-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rsync-3.2.5-7.el9 build changelog. - A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when...

CentOS 9 : sssd-2.9.9-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the sssd-2.9.9-1.el9 build changelog. - out-of-bounds read in the sssd CVE-2026-6245 Note that Nessus has not tested for this issue but has instead relied only on the application's...

CentOS 9 : python-markdown-3.3.4-5.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the python- markdown-3.3.4-5.el9 build changelog. - Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an...

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

cPanel has released updates to address three vulnerabilities in cPanel and Web Host Manager WHM that could be exploited to achieve privilege escalation, code execution, and denial-of-service. The list of vulnerabilities is as follows - CVE-2026-29201 CVSS score: 4.3 - An insufficient input...

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Details have emerged about a new, unpatched local privilege escalation LPE vulnerability impacting the Linux kernel. Dubbed Dirty Frag , it has been described as a successor to Copy Fail CVE-2026-31431, CVSS score: 7.8, a recently disclosed LPE flaw impacting the Linux kernel that has since come...