CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

CVE-2026-12505

CVE-2026-12505 concerns the cifs-utils package. The issue: the root-owned cifs.upcall fails to securely drop root privileges before consulting user information, allowing a local, low-privilege attacker to craft a request_key payload that causes the process to enter a controlled environment with a...

CVE-2026-35368

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

CVE-2026-35368

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

EUVD-2026-17983

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...

CVE-2026-34397

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From versions 2.0.0-alpha to before 2.3.9 and 3.0.0-alpha to before 3.1.1, there is a conditional local privilege escalation vulnerability in an edge-case naming collision. Only authenticated himmelblau users whose...

PT-2026-29576

Name of the Vulnerable Software and Affected Versions Himmelblau versions 2.0.0-alpha through 2.3.8 and 3.0.0-alpha through 3.1.0 Description Himmelblau, an interoperability suite for Microsoft Azure Entra ID and Intune, contains a conditional local privilege escalation issue due to an edge-case...

EUVD-2010-0852

Malware in sbrugna...

EUVD-2015-7431

Malware in sbrugna...

EUVD-2018-18511

Malware in sbrugna...

EUVD-2023-54650

Malicious code in bioql PyPI...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463SudoPoC PoC for CVE-2025-32463: Local privileg...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 - Sudo Privilege Escalation PoC /////// Discla...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

PoC exploit for CVE-2025-32463, a Sudo Local Privilege Escalatio...

Linux Distros Unpatched Vulnerability : CVE-2023-4806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application...

glibc: potential use-after-free in getaddrinfo()

A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nssgethostbyname2r and nssgetcanonnamer hooks without...

EulerOS Virtualization 2.10.0 : glibc (EulerOS-SA-2024-1378)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...

EulerOS Virtualization 2.10.1 : glibc (EulerOS-SA-2024-1357)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulti...

EulerOS 2.0 SP8 : glibc (EulerOS-SA-2024-1268)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...

CentOS 8 : glibc (CESA-2023:5455)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:5455 advisory. - A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode vi...