Lucene search
K

1832 matches found

RedHat Linux
RedHat Linux
added 5 days ago9 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS7.4AI score0.03663EPSS
Exploits11References5
CVE
CVE
added 2026/06/27 9:22 a.m.19 views

CVE-2026-49414

CVE-2026-49414 is a local ASLR bypass in FreeBSD: the ELF image activator clears per-process ASLR preferences for setuid binaries after computing the PIE base, allowing an unprivileged local user to disable ASLR for a setuid PIE binary via procctl(2) before execve(2). This makes exploitation of a...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/27 9:22 a.m.35 views

CVE-2026-49414 ASLR bypass for setuid executables via procctl(2)

The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...

0.00106EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.11 views

PT-2026-53064

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ELF image activator cleared per-process ASLR Address Space Layout Randomization, a security technique that randomizes memory addresses to prevent exploitatio...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/26 11:20 p.m.6 views

EUVD-2026-39483

pnpm: Repository-controlled configDependencies can select a pacquet native install engine...

7.5CVSS5.8AI score0.00127EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 6:24 p.m.5 views

Malicious code in @appupdate/cdn-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a7b613694730e29915d732e3df0700d145622b279b62b0a141c76211e6f14 Package @appupdate/cdn-sync ships as a thin koffi wrapper around prebuilt Go cgo native libraries 12MB linux.so, 11MB darwin.dylib for x64/arm64. The...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/26 6:24 p.m.5 views

MAL-2026-6531 Malicious code in @appupdate/cdn-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 445a7b613694730e29915d732e3df0700d145622b279b62b0a141c76211e6f14 Package @appupdate/cdn-sync ships as a thin koffi wrapper around prebuilt Go cgo native libraries 12MB linux.so, 11MB darwin.dylib for x64/arm64. The...

5.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.7 views

PT-2026-52989

Name of the Vulnerable Software and Affected Versions DMP-5000 affected versions not specified Description The file service allows authenticated users to upload files of any type without validation. The system does not enforce file extension filtering or content inspection, which enables the uplo...

8.4CVSS5.8AI score0.00341EPSS
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/22 10:38 p.m.9 views

Malicious code in web3-token-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c826bf782895b60580b94e3a28a2c4562d3742420ce81e9895ad8568da57890 The package advertises itself as a Web3 fee utility but its main export is a dropper. index.js line 140 base64-decodes a platform-specific command...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/06/22 10:38 p.m.7 views

MAL-2026-6274 Malicious code in web3-token-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c826bf782895b60580b94e3a28a2c4562d3742420ce81e9895ad8568da57890 The package advertises itself as a Web3 fee utility but its main export is a dropper. index.js line 140 base64-decodes a platform-specific command...

5.8AI score
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Golang-github-appc-cni

A flaw in path name limitations was identified in containernetworking/cni in versions prior to 0.8.1. When specifying the plugin to be loaded in the ‘type’ field of the network configuration, it is possible to use special elements such as “/” separators to reference binaries located elsewhere on...

7.2CVSS6.5AI score0.01525EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 7:26 p.m.15 views

CVE-2026-48980

The PAM module pam_usb is affected by a local-access vulnerability in earlier releases (pre-0.9.2) where getenv() in a PAM context returns attacker-controlled values for XRDP_SESSION, DISPLAY, and TMUX when the environment is manipulated by a local user. These values influence local-vs-remote ses...

6.3CVSS5.3AI score0.00127EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 8:32 a.m.10 views

EUVD-2025-210275

Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...

9.3CVSS5.4AI score0.00388EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/18 8:32 a.m.23 views

CVE-2025-10560 Hardcoded cloud credentials in Worksnaps client application binaries expose production cloud resources

Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...

9.3CVSS0.00388EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 8:32 a.m.7 views

CVE-2025-10560

Worksnaps before version 1.6.20260201 contains hardcoded cloud credentials and related secret material in the Worksnaps client application binaries. The exposed credentials included AWS access keys, S3 bucket names, and related cloud access information. The originally exposed AWS credentials...

9.3CVSS5.3AI score0.00388EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/16 8:29 p.m.10 views

Important: Red Hat Security Advisory: Helm CLI v4.1.4 release

General availability release of Helm CLI v4.1.4. Helm is the package manager for Kubernetes, used to define, install, and upgrade applications as reusable charts. This release delivers the Helm v4.1.4 binaries built and distributed by Red Hat...

8.6CVSS5.2AI score0.00199EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/06/16 10:6 a.m.55 views

binary-exploitation-labs

Binary Exploitation & Reverse Engineering Labs Hands-on labs...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/06/15 10:4 a.m.9 views

EUVD-2026-36709

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

7.1CVSS5.5AI score0.00394EPSS
Exploits1References2
CVE
CVE
added 2026/06/15 10:4 a.m.16 views

CVE-2026-34026

CVE-2026-34026 concerns Wertheim SafeController Software (AssemblyVersion 6.15.8328.28014). The vulnerability is a path traversal in the /safe/selfservice/openselfservicedocument endpoint, where the application builds a file path from attacker-controlled input in the documentName parameter withou...

7.1CVSS5.5AI score0.00394EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49197

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. The application constructs a file path using attacker-controlled input without sufficient validation,...

7.1CVSS5.4AI score0.00394EPSS
Exploits1References3
Rows per page
Query Builder