Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/05/20 10:16 a.m.1 views

ALPINE-CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS6AI score0.00004EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/20 8:56 a.m.5 views

CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

7.8CVSS6AI score0.00004EPSS
Exploits0References2
NVD
NVDadded 2026/05/01 5:16 p.m.1 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

7.8CVSS0.00024EPSS
Exploits0References2
CVE
CVEadded 2026/05/01 12:0 a.m.2 views

CVE-2026-37526

CVE-2026-37526 affects AGL app-framework-binder (afb-daemon) up to v19.90.0. The issue arises in the abstract Unix socket @urn:AGL:afs:supervision:socket where the function on_supervision_call dispatches eight supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without any...

7.8CVSS6AI score0.00024EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/01 12:0 a.m.1 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

7.8CVSS6AI score0.00024EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2022/10/27 10:24 a.m.2 views

device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

A vulnerability was found in the device-mapper-multipath. The device-mapper-multipath allows local users to obtain root access, exploited alone or in conjunction with CVE-2022-41973. Local users that are able to write to UNIX domain sockets can bypass access controls and manipulate the multipath...

7.8CVSS5.7AI score0.00231EPSS
Exploits5References5
OSV
OSVadded 2020/12/01 3:15 a.m.2 views

DEBIAN-CVE-2020-15257

containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting...

5.2CVSS6.2AI score0.13305EPSS
Exploits4References1
Veracode
Veracodeadded 2020/04/10 12:46 a.m.14 views

Denial Of Service (DoS)

lvm2-cluster is vulnerable to denial of service. It was discovered that the cluster logical volume manager daemon clvmd did not verify the credentials of clients connecting to its control UNIX abstract socket, allowing local, unprivileged users to send control commands that were intended to only ...

4.6CVSS4.2AI score0.00097EPSS
Exploits1References13Affected Software1
Rows per page
Query Builder