Lucene search
K

31997 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 8:53 p.m.6 views

Moderate: Red Hat Security Advisory: rrdtool security update

An update for rrdtool is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS6AI score0.00132EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 5:16 p.m.7 views

CVE-2026-8864

The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...

7.3CVSS0.00108EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 4:21 p.m.7 views

EUVD-2026-40368

The HP Fan Control App might allow local escalation of privileges. An updated version of HP Fan Control App has been released to mitigate this potential vulnerability...

7.3CVSS5.7AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 4:21 p.m.14 views

CVE-2026-8864

The CVE-2026-8864 entry concerns the HP Fan Control App, where local escalation of privileges is possible. The vulnerability is supported by multiple sources noting that an updated HP Fan Control App version has been released to mitigate the issue. Documented metrics indicate a local attack vecto...

7.3CVSS5.7AI score0.00108EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.4 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS7.1AI score0.93235EPSS
Exploits31References6
OSV
OSV
added 2026/06/30 2:16 a.m.3 views

UBUNTU-CVE-2026-58302

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References7
CVE
CVE
added 2026/06/30 1:9 a.m.16 views

CVE-2026-58302

CVE-2026-58302 affects the LinuxCNC project, specifically the rtapi_app in linuxcnc-uspace prior to version 2.9.9. The binary is installed with SUID root and loads shared library modules via dlopen() using a user-supplied module name. The validation of the module name is insufficient, allowing pa...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

RHEL 10 : cifs-utils (RHSA-2026:32990)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:32990 advisory. The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-58302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using...

8.4CVSS6.1AI score0.00152EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by...

7.2CVSS6.1AI score0.00091EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 2:16 p.m.8 views

CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS0.00091EPSS
Exploits0References3
NVD
NVD
added 2026/06/29 2:16 p.m.8 views

CVE-2026-54371

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component ca...

8.4CVSS0.00136EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 2:16 p.m.8 views

CVE-2026-54369

acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions aclgetfile, aclsetfile, aclextendedfile, and acldeletedeffile that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who contr...

8.4CVSS0.00142EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 2:16 p.m.4 views

UBUNTU-CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 12:39 p.m.7 views

EUVD-2026-40087

attr before version 2.6.0 contains a symlink traversal vulnerability in the getfattr and setfattr utilities that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link during directory hierarchy traversal. Attackers who control a pathname component ca...

8.4CVSS5.9AI score0.00136EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/29 12:38 p.m.7 views

CVE-2026-54370

acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...

7.2CVSS5.9AI score0.00091EPSS
Exploits0References4
CVE
CVE
added 2026/06/29 12:37 p.m.32 views

CVE-2026-54369

The CVE-2026-54369 entry concerns acl before version 2.4.0, where a symlink traversal vulnerability exists in the libacl pathname-based functions acl_get_file(), acl_set_file(), acl_extended_file(), and acl_delete_def_file(). The underlying issue allows a local attacker to escalate privileges by ...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References7
CVE
CVE
added 2026/06/29 8:5 a.m.16 views

CVE-2026-22078

CVE-2026-22078 concerns O+ Connect where an unauthenticated IPC service allows a local attacker to escalate privileges via the IPC channel. The root cause is lack of client authentication on the IPC interface, enabling external applications to perform sensitive actions with elevated privileges. T...

7.3CVSS5.8AI score0.00089EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/29 8:5 a.m.37 views

CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.

Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...

7.3CVSS0.00089EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53272

Name of the Vulnerable Software and Affected Versions acl versions prior to 2.4.0 Description A symlink traversal issue exists in pathname-based functions. Local attackers can escalate privileges by replacing a pathname component with a symbolic link. If an attacker controls any part of a pathnam...

8.4CVSS5.9AI score0.00142EPSS
Exploits0References9
Rows per page
Query Builder