11935 matches found
CVE-2021-47774
CVE-2021-47774 affects Kingdia CD Extractor 3.0.2. A buffer overflow in the registration name field allows an attacker to execute arbitrary code by crafting a payload exceeding 256 bytes to overwrite the Structured Exception Handler, enabling remote code execution via a bind shell. This is consis...
OPENSUSE-SU-2026:20039-1 Security update for bind
This update for bind fixes the following issues: Upgrade to release 9.20.15. Security fixes: CVE-2025-40778: Fixed cache poisoning attacks with unsolicited RRs (bsc#1252379); CVE-2025-40780: Fixed cache poisoning due to weak PRNG (bsc#1252380); CVE-2025-8677: Fixed resource exhaustion via malformed DNSK...
runc: container escape via 'masked path' abuse due to mount race conditions
A flaw was found in runc. This flaw exploits an issue with how masked paths are implemented in runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instea...
runc: container escape with malicious config due to /dev/console mount and related races
A flaw was found in runc. CVE-2025-52565 is very similar in concept and application to CVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002708)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002708 advisory. The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003125)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003125 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002483 advisory. fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount o...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002088 advisory. The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows...
PT-2026-3157
Name of the Vulnerable Software and Affected Versions: Ether MP3 CD Burner version 1.3.8. Description: The software contains a buffer overflow issue in the registration name field. This allows for remote code execution. An attacker can create a malicious payload to overwrite SEH handlers and execute...
PT-2026-3050
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a...
PT-2026-3049
Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution through a bind...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003322)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003322 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...
EulerOS 2.0 SP12 : docker-runc (EulerOS-SA-2026-1067)
According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 throug...
EulerOS 2.0 SP12 : bind (EulerOS-SA-2026-1062)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001909)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001909 advisory. The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNT_LOCK_READONLY bit across a remount of a bind mount, which allows...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001946)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001946 advisory. The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to...
EulerOS 2.0 SP10 : bind (EulerOS-SA-2026-1019)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. Thi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002230)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002230 advisory. fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV, MNT_NOSUID, and MNT_NOEXEC and changing MNT_ATIME_MASK during a remount o...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002294)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002294 advisory. The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002340)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002340 advisory. The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to...