83 matches found
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
kernel: Read root-owned files as an unprivileged user
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...
CVE-2026-31462
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent immediate PASID reuse case PASID resue could cause interrupt issue when process immediately runs into hw state left by previous process exited with the same PASID, it's possible that page faults are still...
CVE-2026-31462 drm/amdgpu: prevent immediate PASID reuse case
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent immediate PASID reuse case PASID resue could cause interrupt issue when process immediately runs into hw state left by previous process exited with the same PASID, it's possible that page faults are still...
PT-2026-34241
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The implementation of TIOCNOTTY fails to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the...
PT-2026-29673
Summary Sending an email with proto : as a header name crashes the Haraka worker process. Details The header parser at node modules/haraka-email-message/lib/header.js:215-218 stores headers in a plain object: javascript add headerkey, value, method this.headerskey ??= // line 216...
ISC BIND 9.20.0 < 9.20.21 / 9.20.9-S1 < 9.20.21-S1 / 9.21.0 < 9.21.20 Assertion Failure (cve-2026-3104)
The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2026-3104 advisory. - A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.If a BIND...
GHSA-H75P-J8XM-M278 CoreDNS Loop Detection Denial of Service Vulnerability
Executive Summary A Denial of Service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator PRNG for generating a secret...
MAL-2026-1232 Malicious code in @schedaero/yukon (npm)
Multiple evidences indicate malicious behavior: suspicious URL, data exfiltration, process exiting, and preinstall script execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02868b7ba4a5e5bf754e692e348191e6974f2f707417f20f97b33f172cda4ca The package...
Malicious code in @schedaero/yukon (npm)
Multiple evidences indicate malicious behavior: suspicious URL, data exfiltration, process exiting, and preinstall script execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02868b7ba4a5e5bf754e692e348191e6974f2f707417f20f97b33f172cda4ca The package...
MAL-2026-1231 Malicious code in @schedaero/shared (npm)
Malicious package due to suspicious URL, data exfiltration, forced process exit, preinstall script execution. Impersonating legit schedaero.com. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fde30d72c136b3e78352eecc9a614e37d812dc136aca7d2c685f2bdafd305207 The...
drm/amdkfd: svm range restore work deadlock when process exit
...
EUVD-2022-55090
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to flush deferredlist work, but if deferredlist work mmput release the las...
EUVD-2022-15756
Malicious code in bioql PyPI...
EUVD-2022-26400
Malicious code in bioql PyPI...
Windows Silent Process Exit Persistence
Windows allows you to set up a debug process when a process exits. This module uploads a payload and declares that it is the debug process to launch when a specified process exits. Module Options msf use exploit/windows/persistence/imageexecoptions msf exploitimageexecoptions show targets...
📄 Windows Silent Process Exit Persistence
Windows allows you to set up a debug process when a process exits. This Metasploit module uploads a payload and declares that it is the debug process to launch when a specified process exits. This module requires Metasploit: https://metasploit.com/download Current source:...
PT-2025-28958 · Builder.Io · @Builder.Io/Qwik-City
Name of the Vulnerable Software and Affected Versions: @builder.io/qwik-city versions prior to 1.13.0 Description: The @builder.io/qwik-city meta-framework for Qwik is susceptible to an issue where improper handling of invalid qfunc during the execution of a Qwik Server Action QRL can lead to a...