Astra Linux - уязвимость в golang-1.19

On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" — Vulnerability Detection Script S...

VMware Fusion 安全漏洞

VMware Fusion is a virtual machine software developed by VMware Corporation in the United States, designed specifically for running Windows applications on Apple machines. VMware Fusion has a security vulnerability, which stems from an TOCTOU issue during the execution of SETUID binary files. Thi...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Vulnerability Overview | Item | Content...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Copy Fail - Script de detection Script Pytho...

Astra Linux - уязвимость в glibc

A vulnerable environment variable in the Untrusted LDLIBRARYPATH setting in the GNU C Library, versions 2.27 to 2.38, allows attackers to control the loading of dynamically shared libraries in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or...

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...

Exploit for CVE-2026-31431

Copy-Fail-CVE-2026-31431 A proof-of-concept exploit reprodu...

Exploit for CVE-2026-31431

copyFail.py — CVE Exploit Analysis Report Summary copyFa...

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...

Exploit for CVE-2026-31431

CVE-2026-31431 — Copy Fail 中文版 732 Bytes t...

CVE-2026-29124

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privlidge escalation from t...

CVE-2026-29127 Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...

PT-2026-23120

Name of the Vulnerable Software and Affected Versions International Data Casting IDC SFX2100 Satellite Receiver affected versions not specified Description Multiple SUID root-owned binaries are present in the following directories: /home/monitor/terminal, /home/monitor/kore-terminal,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-005215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005215 advisory. Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library...

MiracleLinux 8 : glibc-2.28-101.el8 (AXSA:2020-376:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-376:03 advisory. glibc: LDPREFERMAP32BITEXEC not ignored in setuid binaries CVE-2019-19126 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : glibc-2.17-317.el7 (AXSA:2020-551:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-551:04 advisory. glibc: LDPREFERMAP32BITEXEC not ignored in setuid binaries CVE-2019-19126 Tenable has extracted the preceding description block directly from the MiracleLinux...

OESA-2025-2755 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

SUSE CVE-2025-64507

Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the security.shifted property set to true...

PT-2025-44722

Name of the Vulnerable Software and Affected Versions OpenSMTPD affected versions not specified Description The software is susceptible to a denial-of-service condition through the use of a UNIX domain socket. The issue involves a potential for disruption of service. Recommendations At the moment...