Unity Linux 20.1070e Security Update: keepalived (UTSA-2026-016728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016728 advisory. In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This...

Astra Linux - уязвимость в keepalived

In Keepalived versions up to 2.2.4, the D-Bus mechanism does not sufficiently restrict the destination of messages, allowing any user to inspect and manipulate any property. This leads to bypasses of access controls in some situations, where a unrelated D-Bus system service has a settable writabl...

Malicious code in claw-subagent-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36657c2be433b784c573082d364304325acccf033f70df17dbfe104b0173ccbe claw-subagent-service installs itself as a privileged auto-starting system service Windows service via post-install.js svc.install, with documented...

CVE-2021-47945

CVE-2021-47945 affects Argus Surveillance DVR 4.0 through an unquoted service path in the DVRWatchdog service. The root cause is the unquoted binary path, enabling a local attacker to escalate privileges by placing a malicious executable in the Program Files directory, which the service will exec...

CVE-2026-34464

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...

Astra Linux - уязвимость в glib2.0

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based...

CVE-2026-4606

GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...

CVE-2026-4606

GV Edge Recording Manager ERM v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. When the ERM application is...

Huawei EMUI and Huawei HarmonyOS System Service Framework Privilege Bypass Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A privilege bypass vulnerability exists in the Huawei EMUI and Huawei HarmonyOS system service framework, which c...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

EUVD-2026-9812

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28542

A CVE entry for CVE-2026-28542 describes a permission bypass in the system service framework. The vulnerability is local (attack vector: LOCAL) with low attack complexity and no required privileges, and it could affect availability (C: High, I: Low, A: Low) per CVSS v3.1 (score 7.3, HIGH). The de...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28542

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

PT-2026-23428

Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. A privilege bypass vulnerability exists in the Huawei EMUI and Huawei HarmonyOS system service framework, which c...

CVE-2026-23762

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...