CVE-2026-45253

ptracePTSCREMOTE failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. As a result, a user with the ability to debug a process may trigger arbitrary code execution in the kernel, even if the target process has no special privileges. The missing validation allows ...

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation

Cybersecurity researchers have disclosed multiple security vulnerabilities within the Linux kernel's AppArmor module that could be exploited by unprivileged users to circumvent kernel protections, escalate to root, and undermine container isolation guarantees. The nine confused deputy...

PT-2026-7311

Name of the Vulnerable Software and Affected Versions IntelR NPU Drivers affected versions not specified Description A flaw exists in some firmware for IntelR NPU Drivers within Ring 3. This issue may allow an unprivileged software adversary with an authenticated user and a low complexity attack ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002746 advisory. A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilegeCPL lev...

CVE-2025-53841

CVE-2025-53841 affects Akamai Guardicore Platform Agent on Windows, with local privilege escalation via a crafted openssl.cnf in a world-writable location. An unprivileged user can specify a DLL path in a custom OpenSSL engine to execute commands with SYSTEM privileges because the agent runs unde...

Important: nvidia-imex-570

Issue Overview: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVE-2024-48920 PutongOJ: unprivileged users can escalate privileges by constructing requests

PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This probl...

CVE-2024-6619

In the provided documents, CVE-2024-6619 is described as an Incorrect Permission Assignment for Critical Resource affecting Ocean Data Systems Dream Report. Affected components are Dream Report 2023 (and AVEVA Reports for Operations 2023) with versions up to 23.0.17795.1010. The root cause is inc...

CVE-2021-31727

Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL's 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to .\ZemanaAntiMalware, register with the driver using IOCTL...

Design/Logic Flaw

shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing...

Updated nagios packages fix security vulnerabilities

The nagios package has been patched to fix the following issues: Improper sanitization of RSS feed input enables unauthenticated remote read and write of arbitrary files CVE-2016-9565. Unsafe logfile handling allows unprivileged users to escalate their privileges to root CVE-2016-9566...

kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

A flaw was found in the way the pppol2tpsetsockopt and pppol2tpgetsockopt functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOLPPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system...