164 matches found
CVE-2026-46406 Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write
Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path /tmp/claude/response.md without UID isolation, randomness, or symlink protection. The file was created world-readable 0644 in a world-traversable...
CVE-2026-45174 Idira Endpoint Privilege Manager Linux Agent: Potential bypass of Agent Daemon Initialization
Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon initialization. CyberArk Security Bulletin: CA26-19...
CVE-2026-45175 Idira Endpoint Privilege Manager Agent: Security Control and Cryptographic Validation Bypass in Internal Agent Validation Processes
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within internal agent validation processes. A local attacker could potentially bypass built-in security controls or cryptographic validations. Under specific circumstances, this could allow the attacker ...
Unity Linux 20.1060a Security Update: kernel (UTSA-2026-004377)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004377 advisory. The brcm80211 component in the Linux kernel through 6.5.10 has a brcmfcfg80211detach use-after-free in the device unplugging disconnect the USB by hotplug code. For...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001613 advisory. The cdromioctlmediachanged function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM...
CVE-2021-27004
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials...
CVE-2021-22457
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write...
CVE-2020-10237
An issue was discovered in Froxlor through 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file at the right time,...
CVE-2024-34601
Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore...
EUVD-2025-38335
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. Chromium security severity: Low...
EUVD-2018-11322
Malware in sbrugna...
EUVD-2020-4365
Malware in sbrugna...
EUVD-2017-2247
Malware in sbrugna...
EUVD-2020-6531
Malware in sbrugna...
EUVD-2020-3003
Malware in sbrugna...
EUVD-2008-3597
Malware in sbrugna...
EUVD-2019-7018
Malware in sbrugna...
EUVD-2000-0334
Malware in sbrugna...
EUVD-2019-14226
Malware in sbrugna...
EUVD-2019-16851
Malware in sbrugna...