Lucene search
+L

235 matches found

Cvelist
Cvelist
added 2026/06/27 9:22 a.m.36 views

CVE-2026-49414 ASLR bypass for setuid executables via procctl(2)

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...

0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/06/27 9:22 a.m.29 views

CVE-2026-49414

CVE-2026-49414 is a local ASLR bypass in FreeBSD: the ELF image activator clears per-process ASLR preferences for setuid binaries after computing the PIE base, allowing an unprivileged local user to disable ASLR for a setuid PIE binary via procctl(2) before execve(2). This makes exploitation of a...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.12 views

PT-2026-53064

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ELF image activator cleared per-process ASLR Address Space Layout Randomization, a security technique that randomizes memory addresses to prevent exploitatio...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References8
CVE
CVE
added 2026/06/18 7:26 p.m.18 views

CVE-2026-48980

The PAM module pam_usb is affected by a local-access vulnerability in earlier releases (pre-0.9.2) where getenv() in a PAM context returns attacker-controlled values for XRDP_SESSION, DISPLAY, and TMUX when the environment is manipulated by a local user. These values influence local-vs-remote ses...

6.3CVSS5.3AI score0.00127EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 7:26 p.m.3 views

CVE-2026-48980 pam_usb: getenv() used in PAM context allows environment variable injection into local-check logic

pamusb provides hardware authentication for Linux using removable media. In versions prior to 0.9.2, getenv environment variables XRDPSESSION, DISPLAY and TMUX allow environment variable injection into local-check logic. These environment variables influence whether a current session is local or...

6.3CVSS5.9AI score0.00127EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

FreeBSD : FreeBSD-kernel -- ASLR bypass for setuid executables via procctl(2) (7e61007e-6474-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e61007e-6474-11f1-958d-bc241121aa0a advisory. The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code th...

7.8CVSS5.5AI score0.00106EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

FreeBSD : FreeBSD -- Flaw in Linuxulator execution of setugid binaries (fa5289e4-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa5289e4-6473-11f1-958d-bc241121aa0a advisory. The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID...

7.1CVSS5.4AI score0.00098EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.9 views

FreeBSD Security Advisory - FreeBSD-SA-26:32.elf

FreeBSD Security Advisory - The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen...

5.5AI score0.00106EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.28 views

FreeBSD-kernel -- ASLR bypass for setuid executables via procctl(2)

Problem Description: The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. Impact: ...

7.8CVSS5.5AI score0.00106EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Golang-1.19

On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...

7.8CVSS6.8AI score0.00429EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/19 9:7 a.m.109 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" — Vulnerability Detection Script S...

7.8CVSS7.5AI score0.96267EPSS
Exploits230
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

VMware Fusion 安全漏洞

VMware Fusion is a virtual machine software developed by VMware Corporation in the United States, designed specifically for running Windows applications on Apple machines. VMware Fusion has a security vulnerability, which stems from an TOCTOU issue during the execution of SETUID binary files. Thi...

7.8CVSS6.1AI score0.00122EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/07 7:4 a.m.106 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Vulnerability Overview | Item | Content...

7.8CVSS7.2AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/05/05 10:9 a.m.100 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Copy Fail - Script de detection Script Pytho...

7.8CVSS6AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 4:19 p.m.103 views

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...

7.8CVSS6.7AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 3:36 p.m.96 views

Exploit for CVE-2026-31431

Copy-Fail-CVE-2026-31431 A proof-of-concept exploit reprodu...

7.8CVSS6.4AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 3:18 p.m.111 views

Exploit for CVE-2026-31431

copyFail.py — CVE Exploit Analysis Report Summary copyFa...

7.8CVSS6.4AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 9:43 a.m.105 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...

7.8CVSS6.4AI score0.96267EPSS
Exploits230
GithubExploit
GithubExploit
added 2026/04/30 2:57 a.m.99 views

Exploit for CVE-2026-31431

CVE-2026-31431 — Copy Fail 中文版 732 Bytes t...

7.8CVSS5.8AI score0.96267EPSS
Exploits230
RedhatCVE
RedhatCVE
added 2026/03/06 1:34 a.m.8 views

CVE-2026-29124

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privlidge escalation from t...

8.6CVSS5.8AI score0.00119EPSS
Exploits1References1
Rows per page
Query Builder