Lucene search
K

17011 matches found

RedHat Linux
RedHat Linux
added 6 days ago4 views

vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass

A flaw was found in Vim's zip.vim plugin. A local user could be tricked into opening a specially crafted zip archive, which would allow a path traversal bypass. This vulnerability enables an attacker to overwrite arbitrary files on the system, potentially leading to data integrity issues or furth...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 6 days ago7 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6CVSS6.4AI score0.00501EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40241

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 2:3 p.m.5 views

CVE-2026-46406

Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...

4.4CVSS5.9AI score0.00149EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/29 11:50 a.m.4 views

PYSEC-2026-428 motionEye: Authentication possible via password hash

Summary An authentication bypass vulnerability exists due to improper trust in client-controlled cookies. The application accepts user-supplied cookie values containing a username and password-hash-derived value as sufficient authentication material. These cookies can be set or modified prior to...

9.1CVSS6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/29 9:7 a.m.6 views

CVE-2026-53284

A flaw was found in the Linux kernel's Btrfs filesystem. A local user performing specific filesystem operations could trigger an error during the writing of dirty extent buffers. This improper handling of the dirty pages I/O tree can prevent unsubmitted records from being cleaned up, leading to...

7.5CVSS5.8AI score0.00432EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/29 8:19 a.m.5 views

CVE-2026-53304

A flaw was found in the Linux kernel's SCSI generic sg module. A local user could bypass the intended size restrictions for the defreservedsize module parameter. By setting this parameter to an invalid value and then attempting to open a SCSI generic device, the system can experience a soft locku...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References4
NVD
NVD
added 2026/06/27 10:16 a.m.11 views

CVE-2026-49414

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...

7.8CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 9:22 a.m.21 views

CVE-2026-49414

CVE-2026-49414 is a local ASLR bypass in FreeBSD: the ELF image activator clears per-process ASLR preferences for setuid binaries after computing the PIE base, allowing an unprivileged local user to disable ASLR for a setuid PIE binary via procctl(2) before execve(2). This makes exploitation of a...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/27 9:22 a.m.35 views

CVE-2026-49414 ASLR bypass for setuid executables via procctl(2)

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...

0.00106EPSS
Exploits0References1
NVD
NVD
added 2026/06/27 9:16 a.m.9 views

CVE-2026-45258

dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length wrapped around and passed the check. The offset was then narrowed from 64 to 32 bits when converted to ...

7.8CVSS0.00149EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.7 views

EulerOS 2.0 SP15 : libcap (EulerOS-SA-2026-2487)

According to the versions of the libcap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function...

7CVSS7.1AI score0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.11 views

PT-2026-53062

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the kernel handler for IPV6 MSFILTER. The handler drops a serializing lock to copy the source-filter list from userspace and subsequently reacquires it...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.13 views

PT-2026-53065

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CONS HISTORY ioctl handler fails to properly validate the requested history size. Providing a large value leads to an integer overflow during the buffer size...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/26 10:40 p.m.10 views

CVE-2026-48935

A flaw was found in Node.js. The Permission API allows a local user to modify file metadata on paths that have been explicitly set as read-only. This can lead to unauthorized changes in file properties, impacting the integrity of the file system. Mitigation Mitigation for this issue is either not...

3.3CVSS5.6AI score0.00154EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 7:14 p.m.8 views

CVE-2026-52977

A flaw was found in the Linux kernel's futex Fast Userspace Mutexes subsystem. A race condition between two concurrent futex operations can lead to a system live lock. This occurs when a task attempting to exit early due to a signal or timeout becomes deadlocked while another task continuously...

5.5CVSS5.7AI score0.00172EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 7:5 p.m.9 views

CVE-2026-53024

A flaw was found in the Linux kernel's Greybus raw subsystem. A local user could trigger a use-after-free vulnerability by attempting to write to a character device chardev after it has been disconnected. This can lead to a kernel panic, resulting in a Denial of Service DoS for the system...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 4:21 p.m.7 views

CVE-2026-45407

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...

5.5CVSS5.8AI score0.00089EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/26 3:19 p.m.8 views

CVE-2026-53108

A flaw was found in the Linux kernel. A race condition exists between the movepages system call, which sets up a Page Middle Directory PMD migration entry, and the munmap system call, which unmaps memory regions. This race can be exploited by a local user to trigger a kernel bug, causing a system...

5.5CVSS5.7AI score0.00151EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 3:1 p.m.8 views

CVE-2026-52948

A flaw was found in the Linux kernel's I2C Inter-Integrated Circuit subsystem. A malicious local user can exploit an integer overflow vulnerability in the I2CTIMEOUT ioctl. By providing a large timeout value, the multiplication by 10 causes an overflow, leading to a truncated value. This results ...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References4
Rows per page
Query Builder