1397 matches found

Amazon
added 2026/05/26 12:0 a.m., 11 views

Important: dnsmasq

Issue Overview: A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet. (CVE-2026-4892) An information disclosure vulnerability in dnsmasq allows remote attackers to...

8.4 CVSS, 6.2 AI score, 0.02681 EPSS
Exploits: 3

Positive Technologies
added 2026/05/20 12:0 a.m., 13 views

PT-2026-42117

Name of the Vulnerable Software and Affected Versions: haveged (affected versions not specified). Description: A privilege escalation issue exists via the command socket. The software verifies the connecting peer's user ID using SO_PEERCRED and sends a NAK response to non-root callers. However,...

7.8 CVSS, 5.9 AI score, 0.00185 EPSS
Exploits: 0, References: 29

GithubExploit
added 2026/05/16 8:53 p.m., 71 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

🔴 CVE-2026-31431 — Copy Fail : Répertoire de Prévention É...

7.8 CVSS, 7.4 AI score, 0.96267 EPSS
Exploits: 228

The Hacker News
added 2026/05/14 7:6 a.m., 16 views

New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root access, making it the third such bug to be identified in the kernel within a span of two weeks. Codenamed Fragnesia, the security...

6 AI score, 0.03663 EPSS
Exploits: 11

Positive Technologies
added 2026/05/13 12:0 a.m., 25 views

PT-2026-48611

Name of the Vulnerable Software and Affected Versions: FreeBSD (affected versions not specified). Description: A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...

7.8 CVSS, 5.8 AI score, 0.00154 EPSS
Exploits: 0, References: 16

UbuntuCve
added 2026/05/11 12:0 p.m., 11 views

CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

8.4 CVSS, 6.2 AI score, 0.00812 EPSS
Exploits: 1, References: 2

GithubExploit
added 2026/05/09 1:46 p.m., 208 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag check CVE-2026-43284 / CVE-2026-43500 Read-only...

7.8 CVSS, 6.1 AI score, 0.96267 EPSS
Exploits: 257

Tenable Nessus
added 2026/05/09 12:0 a.m., 8 views

Unity Linux 20.1070e Security Update: aide (UTSA-2026-017376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017376 advisory. AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buff...

7.8 CVSS, 7.4 AI score, 0.00493 EPSS
Exploits: 1, References: 4

GithubExploit
added 2026/05/08 7:18 p.m., 138 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag Technical Analysis CVE-2026-43284 xfrm-ESP / C...

7.8 CVSS, 6.1 AI score, 0.93235 EPSS
Exploits: 33

Information Security Automation
added 2026/05/08 11:0 a.m., 8 views

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability

About Elevation of Privilege vulnerability - Linux Kernel "Dirty Frag" (CVE-2026-43284, CVE-2026-43500) vulnerability. According to information from researcher Hyunwoo Kim (@v4bel), Dirty Frag is a vulnerability (a class of vulnerabilities) that allows a local unprivileged attacker to obtain root...

8.8 CVSS, 6.3 AI score, 0.93235 EPSS
Exploits: 33

Arista
added 2026/05/08 12:0 a.m., 37 views

Security Advisory 0138

Security Advisory 0138 PDF

Date: May 8, 2026

Revision | Date | Changes
---|---|---
1.0 | May 8, 2026 | Initial release
1.1 | May 18, 2026 | Updated affected products and added mitigation section

The CVE-IDs tracking this issue: CVE-2026-43284 and CVE-2026-43500.

Description

Arista Networks is...

8.8 CVSS, 6.3 AI score, 0.93235 EPSS
Exploits: 33

GithubExploit
added 2026/05/07 10:14 p.m., 107 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail2 CVE-2026-31431 - Python Implementation Python por...

7.8 CVSS, 6.1 AI score, 0.96267 EPSS
Exploits: 228

Arista
added 2026/05/01 12:0 a.m., 36 views

Security Advisory 0136

Security Advisory 0136 PDF

Date: May 1, 2026

Revision | Date | Changes
---|---|---
1.0 | May 1, 2026 | Initial release
1.1 | May 7, 2026 | Additional required configuration for exploitation information added
1.2 | May 11, 2026 | Advisory updated with additional mitigations.

The CVE-ID tracking th...

7.8 CVSS, 6.5 AI score, 0.96267 EPSS
Exploits: 228

GithubExploit
added 2026/04/30 8:38 p.m., 87 views

Exploit for CVE-2026-31431

Copy Fail PoC English Python PoC for CVE-2026-31431,...

7.8 CVSS, 5.7 AI score, 0.96267 EPSS
Exploits: 228

GithubExploit
added 2026/04/30 2:55 a.m., 79 views

Exploit for CVE-2026-31431

CVE-2026-31431 — Copy Vulnerability Linux Kernel Page Cache...

7.8 CVSS, 7.5 AI score, 0.96267 EPSS
Exploits: 228

Github Security Blog
added 2026/04/29 9:34 p.m., 9 views

OpenClaw: Webchat audio embedding could read local files without local-root containment

Impact OpenClaw deployments before 2026.4.15 could embed host-local audio files into webchat responses without applying the local media root containment check used by other media-serving paths. If an attacker could influence an agent or tool-produced ReplyPayload.mediaUrl, the webchat audio...

5.4 AI score
Exploits: 0, References: 3, Affected Software: 1

Microsoft CVE
added 2026/04/29 8:6 a.m., 12 views

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

...

6.4 CVSS, 5.8 AI score, 0.00144 EPSS
Exploits: 0

NVD
added 2026/04/28 12:16 a.m., 9 views

CVE-2026-41366

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6 CVSS, 0.00181 EPSS
Exploits: 0, References: 3

EUVD
added 2026/04/27 11:24 p.m., 11 views

EUVD-2026-25946

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6 CVSS, 5.4 AI score, 0.00181 EPSS
Exploits: 0, References: 3

ATTACKERKB
added 2026/04/27 11:24 p.m., 3 views

CVE-2026-41366

OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media parent directory validation to exfiltrate credentials and access sensitive files...

6 CVSS, 5.5 AI score, 0.00181 EPSS
Exploits: 0, References: 4