Lucene search
K

872 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006904 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Simplify platform device handling Coretemp's platform driver is unconventional. A...

5.5CVSS6.1AI score0.00136EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011048 advisory. In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, t...

7.8CVSS6.5AI score0.00241EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010896)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010896 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When teari...

5.5CVSS5.8AI score0.00239EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013144)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013144 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based...

5.8AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007023)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007023 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...

5.5CVSS5.6AI score0.00147EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006581 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Simplify platform device handling Coretemp's platform driver is unconventional. A...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006698 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006638 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/19 11:20 p.m.4 views

CVE-2026-30874

A flaw was found in the procd component of OpenWrt. A highly privileged local attacker can bypass environment variable filtering in the hotplugcall function by injecting an arbitrary PATH variable. This vulnerability, caused by an incorrect string comparison, allows the attacker to control which...

8.2CVSS5.8AI score0.00296EPSS
Exploits0References5
NVD
NVD
added 2026/03/19 11:16 p.m.6 views

CVE-2026-30874

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

7.8CVSS0.00296EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/19 10:36 p.m.4 views

EUVD-2026-13378

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 10:36 p.m.4 views

CVE-2026-30874 OpenWrt procd PATH Environment Variable Filter Bypass via Incorrect String Comparison Leads to Privilege Escalation

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS6AI score0.00296EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/19 10:36 p.m.1 views

CVE-2026-30874

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 10:36 p.m.8 views

CVE-2026-30874 OpenWrt procd PATH Environment Variable Filter Bypass via Incorrect String Comparison Leads to Privilege Escalation

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/19 10:36 p.m.19 views

CVE-2026-30874 OpenWrt procd PATH Environment Variable Filter Bypass via Incorrect String Comparison Leads to Privilege Escalation

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS0.00296EPSS
Exploits0References2
CVE
CVE
added 2026/03/19 10:36 p.m.23 views

CVE-2026-30874

OpenWrt procd PATH environment variable filter bypass (CVE-2026-30874). In OpenWrt versions prior to 24.10.6, hotplug_call does not exclude PATH due to a strcmp vs strncmp bug, allowing a local attacker to influence which binaries are executed by procd-invoked scripts with elevated privileges, po...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.8 views

PT-2026-26432

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplug call function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005555 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhpstateaddinstance and...

5.5CVSS5.8AI score0.00145EPSS
Exploits0References4
OSV
OSV
added 2026/01/29 6:16 p.m.6 views

AZL-75770 CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

10CVSS5.7AI score0.00438EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/29 5:16 p.m.29 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS0.00438EPSS
Exploits1References5
Rows per page
Query Builder