Lucene search
K

1252 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.20 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50280)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50280 advisory. - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff...

9.8CVSS7AI score0.96775EPSS
Exploits260References2
NVD
NVD
added 2026/05/21 10:16 a.m.15 views

CVE-2026-45253

ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows ...

8.4CVSS0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:17 a.m.7 views

CVE-2026-45253

ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows ...

8.4CVSS6.3AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2026/05/21 9:17 a.m.69 views

CVE-2026-45253

CVE-2026-45253 describes a missing validation in ptrace(PT_SC_REMOTE) related to syscall(2) and __syscall(2) meta-system calls. The issue allows an unprivileged local user who can debug a process to trigger arbitrary code execution in the kernel, potentially gaining full control of the affected s...

8.4CVSS6.3AI score0.00196EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/21 9:17 a.m.12 views

EUVD-2026-31257

ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows ...

8.4CVSS6.3AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 9:17 a.m.9 views

CVE-2026-45253 Missing validation in ptrace(PT_SC_REMOTE)

ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows ...

6.3AI score0.00196EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/05/21 7:35 a.m.19 views

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 CVSS score: 5.5, is a case of improper privilege management that could permit an unprivileged local user to disclose...

7.1CVSS6.1AI score0.01241EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.15 views

TencentOS Server 4: kernel (TSSA-2026:0334)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0334 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.8CVSS6.2AI score0.01241EPSS
Exploits6References2
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

FreeBSD 缓冲区错误漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has a buffer error vulnerability, which stems from ptracePTSCREMOTE failing to properly validate the parameters of syscall2 and syscall2 system calls. This vulnerability may allow users with debugging capabilitie...

8.4CVSS6.4AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42400

Notice FreeBSD-EN-26:13.freebsd-update Advisories FreeBSD-SA-26:18.setcred Stack buffer overflow via setcred2 CVE Record: CVE-2026-45250 FreeBSD-SA-26:19.file Kernel use-after-free via file descriptor syscalls CVE Record: CVE-2026-45251 FreeBSD-SA-26:20.fusefs Heap overflow in FUSE LISTXATTR CVE...

6.3AI score0.00409EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42402

In the case of the cap net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limi...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42403

Name of the Vulnerable Software and Affected Versions FreeBSD bsdinstall/bsdconfig affected versions not specified Description When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they use a shell script to build a list of network names and prompt the user for selection vi...

7.5CVSS6AI score0.00305EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42399

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A use-after-free issue exists where a file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Since the blocked thread does not ho...

7.8CVSS5.8AI score0.0017EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.10 views

PT-2026-42397

Name of the Vulnerable Software and Affected Versions FreeBSD libcasper3 affected versions not specified Description libcasper3 communicates with helper processes via UNIX domain sockets and utilizes the select2 system call to wait for available data. The software fails to verify if the socket...

8.8CVSS5.8AI score0.00172EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.8 views

FreeBSD : FreeBSD -- Missing validation in ptrace(PT_SC_REMOTE) (6c96da5e-54b6-11f1-8d7a-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6c96da5e-54b6-11f1-8d7a-bc241121aa0a advisory. ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls...

8.4CVSS6.1AI score0.00196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.11 views

MiracleLinux 9 : kernel-5.14.0-611.54.6.el9_7 (AXSA:2026-692:35)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-692:35 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no ...

7.8CVSS5.3AI score0.03663EPSS
Exploits17References3
Qualys Blog
Qualys Blog
added 2026/05/20 3:40 p.m.15 views

CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path

The Qualys Threat Research Unit TRU has discovered and published the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel's ptracemayaccess function that permits an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of...

7.1CVSS6.3AI score0.01241EPSS
Exploits6
Rosalinux
Rosalinux
added 2026/05/20 7:5 a.m.38 views

Advisory ROSA-SA-2026-3289

software: kernel-6.1 6.1.152 OS: ROSA-CHROME unaffected versions = kernel-6.1-6.1.1.152-4 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption and...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
added 2026/05/20 7:5 a.m.26 views

Advisory ROSA-SA-2026-3290

software: kernel-5.15 5.15.193 WASP: ROSA-CHROME unaffected versions = kernel-5.15-5.15.193-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rosalinux
Rosalinux
added 2026/05/20 7:5 a.m.22 views

Advisory ROSA-SA-2026-3288

software: kernel-6.6 6.6.126 WASP: ROSA-CHROME unaffected versions = kernel-6.6-6.6.6.126-6 affected versions data.opnents field during buffer management. By exploiting the RDS TCP transport SORDSTRANSPORT=2 in conjunction with iouring, a local unprivileged attacker can cause memory corruption an...

7.8CVSS5.8AI score0.03663EPSS
Exploits17
Rows per page
Query Builder