Zed 安全漏洞

Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.227.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of shell references or validations for environment variable keys during SSH/WSL remote command execution. This allowed attackers to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix an off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at...

CVE-2026-31614

A flaw was found in the Linux kernel's Server Message Block SMB client. An untrusted server can exploit an out-of-bounds read vulnerability within the checkwsleas function. This flaw allows the server to read up to 8 bytes beyond the intended memory boundary, leading to information disclosure. Th...

CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability

...

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

CVE-2025-62220

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network...

CVE-2025-62220 Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

...

Windows Subsystem for Linux GUI Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network...

Linux Distros Unpatched Vulnerability : CVE-2025-26675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. CVE-2025-26675 Note that Nessus relies on the...

CVE-2025-9074

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

CVE-2025-9074 Docker Desktop allows unauthenticated access to Docker Engine API from containers

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation ECI enabled, and with or without th...

PT-2025-34057

Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.44.3 Description A flaw in the container isolation mechanism of Docker Desktop for Windows and macOS allows local Linux containers to gain unauthenticated access to the Docker Engine API via the configured...

Microsoft Windows Subsystem for Linux (WSL2) < 2.5.10 Kernel Elevation of Privilege (August 2025)

The version of Microsoft Windows Subsystem for Linux WSL2 on the remote Windows host is prior to 2.5.10. It is, therefore, affected by a kernel elevation of privilege vulnerability: - Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to...

CVE-2025-53788 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability

...

KLA86591 PE vulnerability in Microsoft Open Source Software

An elevation of privilege vulnerability was found in Microsoft Open Source Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-53788 Related products Microsoft-Windows CVE list CVE-2025-53788 high Solution Install necessary updates from the KB...