PT-2026-46606

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the FileSystem component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy, which is a securi...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414534)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414534 advisory. An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A...

The vulnerability of the Oracle Solaris operating system’s file system allows a perpetrator to gain full control over the application.

The vulnerability of the Oracle Solaris operating system’s file system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

USN-7591-5: Linux kernel (Intel IoTG) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

USN-7592-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

USN-7591-3: Linux kernel (Real-time) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

Oracle Solaris 安全漏洞

Oracle Solaris is a UNIX operating system from Oracle Corporation USA. A security vulnerability exists in Oracle Solaris version 11 that stems from a flaw in a file system component that could lead to a system takeover...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7384-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7384-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

The vulnerability of the file system of Juniper Networks Junos OS router series cSRX allows a attacker to enhance their privileges.

The vulnerability of the file system of Juniper Networks Junos OS router series cSRX lies in the way passwords are stored in a recoverable format. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the `ntfs_names_full_collate` function in the NTFS file system, which allows a malicious actor to execute arbitrary code with elevated privileges on the FUSE NTFS-3G module.

The vulnerability of the ntfsnamesfullcollate function in the NTFS file system is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using a specially created NTFS image file...

kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL

A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them...

UBUNTU-CVE-2021-39261

A crafted NTFS image can cause a heap-based buffer overflow in ntfscompressedpwrite in NTFS-3G 2021.8.22...

LSN-0079-1 Kernel Live Patch Security Notice

It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.CVE-2021-3600 It was discovered that the virtual file system...

The vulnerability of the file system component of the IBM Spectrum Scale data storage management software allows a attacker to trigger a service failure.

The vulnerability of the file system component of the IBM Spectrum Scale data storage management software is related to insufficient testing of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by executing processes like...

kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the...

The vulnerability of the NTFS file system implementation in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the NTFS file system implementation in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

Cisco Elastic Services Controller Information Disclosure Vulnerability (CNVD-2017-11575)

Cisco Elastic Services Controller is a cloud and systems management solution. Cisco Elastic Services Controllers have a security vulnerability in the file system implementation, where a local attacker obtains sensitive information about an affected system...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20150210)

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. CVE-2014-7822, Moderate This update also fixes the following bugs : -...

USN-1431-1: Linux kernel vulnerabilities

A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...