
1397 matches found

UbuntuCve
added 2026/04/10 4:16 p.m., 2 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 2

OSV
added 2026/04/10 4:16 p.m., 3 views

UBUNTU-CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 5

Snyk
added 2026/04/10 4:08 p.m., 6 views

Incorrect Resource Transfer Between Spheres

Overview: Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the udev process. An attacker can gain local root execution by connecting malicious hardware devices that produce unsanitized kernel output. Remediation: A fix was pushed into the master...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 2

Vulnrichment
added 2026/04/10 3:16 p.m., 3 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 1

ATTACKERKB
added 2026/04/10 3:16 p.m., 3 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 2

Cvelist
added 2026/04/10 3:16 p.m., 31 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, EPSS 0.00144
Exploits 0, References 1

CVE
added 2026/04/10 3:16 p.m., 18 views

CVE-2026-40225

The CVE-2026-40225 entry concerns udev in systemd prior to 260, where local root access can result from malicious hardware devices and unsanitized kernel output. The vulnerability affects the systemd/udev component and is described with a CVSSv3.1 base score of 6.4 (MEDIUM), with attack vector Ph...

CVSS 6.4, AI score 5.9, EPSS 0.00144
Exploits 0, References 1, Affected Software 1

Debian CVE
added 2026/04/10 3:16 p.m., 4 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

CVSS 6.4, AI score 5.4, EPSS 0.00144
Exploits 0

CNNVD
added 2026/04/10 12:00 a.m., 9 views

systemd Security Vulnerability

Systemd is a Linux-based system and service manager developed by Lennart Poettering of Germany. This product is compatible with SysV and LSB startup scripts, and it provides a framework for representing dependencies between system services. Prior to version 260, there were security vulnerabilitie...

CVSS 6.4, AI score 5.8, EPSS 0.00144
Exploits 0, References 1

Positive Technologies
added 2026/04/09 12:00 a.m., 12 views

PT-2026-31807

An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the system. Certain 'set...

CVSS 8.4, AI score 6, EPSS 0.00692
Exploits 0, References 3

NVD
added 2026/04/08 7:24 p.m., 13 views

CVE-2025-30650

A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards. Affected line cards includ...

CVSS 8.4, EPSS 0.00137
Exploits 0, References 2

RedhatCVE
added 2026/04/08 4:22 a.m., 4 views

CVE-2026-5747

A flaw was found in Firecracker, specifically an out-of-bounds write issue within the virtio PCI transport. A local guest user with root privileges can exploit this by modifying virtio queue configuration registers after device activation. This could lead to crashing the Firecracker Virtual Machi...

CVSS 8.7, AI score 6.5, EPSS 0.00208
Exploits 0, References 2

CNNVD
added 2026/04/08 12:00 a.m., 8 views

Amazon Firecracker Security Vulnerability

Amazon Firecracker is a virtualization technology developed by Amazon, used specifically for creating and managing multi-tenant containers and functions-based services. It provides a serverless operating model, designed for creating and managing multi-tenant containers and functions-based service...

CVSS 8.7, AI score 6.4, EPSS 0.00208
Exploits 0, References 4

EUVD
added 2026/04/07 11:17 p.m., 3 views

EUVD-2026-19996

An out-of-bounds write issue in the virtio PCI transport in Amazon Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virti...

CVSS 8.7, AI score 6.6, EPSS 0.00208
Exploits 0, References 4

ATTACKERKB
added 2026/04/07 11:17 p.m., 12 views

CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x86_64 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

CVSS 8.7, AI score 6.5, EPSS 0.00208
Exploits 0, References 5, Affected Software 1

Positive Technologies
added 2026/03/23 12:00 a.m., 11 views

PT-2026-31934

Name of the Vulnerable Software and Affected Versions: systemd versions prior to 260. Description: In udev, local root execution can occur through the use of malicious hardware devices and unsanitized kernel output. Recommendations: Update to version 260 or later...

CVSS 6.4, AI score 5.4, EPSS 0.00144
Exploits 0, References 16

ATTACKERKB
added 2026/03/22 1:38 p.m., 4 views

CVE-2019-25611

MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values. Attackers can craft a miniftpd.conf file with values exceeding 128 bytes to overflow stack buffers and overwrite...

CVSS 8.6, AI score 6.8, EPSS 0.0015
Exploits 0, References 3

RedhatCVE
added 2026/03/17 11:39 p.m., 10 views

CVE-2026-3888

A privilege escalation flaw has been discovered in snapd. This local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. Mitigation Mitigation...

CVSS 7.8, AI score 5.6, EPSS 0.00383
Exploits 6, References 2

CVE
added 2026/03/13 6:38 p.m., 15 views

CVE-2025-71263

CVE-2025-71263: In UNIX Fourth Research Edition (v4), the su command is vulnerable to a buffer overflow due to a fixed 100-byte password buffer. This allows a local user to escalate to root privileges. The CVSS score is 7.4 (HIGH) with LOCAL attack vector, HIGH impact on confidentiality, integri...

CVSS 7.8, AI score 6.1, EPSS 0.00179
Exploits 0, References 6, Affected Software 1

Cvelist
added 2026/03/13 6:38 p.m., 28 views

CVE-2025-71263

In UNIX Fourth Research Edition v4, the su command is vulnerable to a buffer overflow due to the 'password' variable having a fixed size of 100 bytes. A local user can exploit this to gain root privileges. It is unlikely that UNIX v4 is running anywhere outside of a very small number of lab...

CVSS 7.4, EPSS 0.00179
Exploits 0, References 4