SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2026:1648-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1648-1 advisory. Update to version 2.52.1. Security issues fixed: - CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy...

EUVD-2026-4954

Inspektor Gadget: Command Injection via malicious buildOptions manipulation...

Inspektor Gadget: Command Injection via malicious buildOptions manipulation

Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

GHSA-79QW-G77V-2VFH Inspektor Gadget: Command Injection via malicious buildOptions manipulation

Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

openSUSE 16 Security Update : dpdk (openSUSE-SU-2026:20148-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20148-1 advisory. Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak...

SUSE CVE-2026-24905

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

CVE-2026-24905

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

CVE-2026-24905

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

CVE-2026-24905

CVE-2026-24905 affects Inspektor Gadget. The vulnerability arises from unsafe embedding of user-controlled data in the Makefile.build template used during ig image build, allowing command injection via buildOptions extracted from the gadget manifest. Before version 0.48.1, an attacker who can inf...

CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

PT-2026-5359

Name of the Vulnerable Software and Affected Versions Inspektor Gadget versions prior to 0.48.1 Description Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary includes a subcommand for image...

Exploit for Off-by-one Error in Sudo_Project Sudo

This is a PoC exploit for CVE-2021-3156, a sudo vulnerability dubbed Baron Samedit by Qualys. The exploit is written in C and uses a heap overflow technique to gain elevated privileges. The exploit is designed to be run on a system with the vulnerable sudo version installed. The usage of the...

Linux Distros Unpatched Vulnerability : CVE-2019-13628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL and wolfCrypt 4.0.0 and earlier when configured without --enable-fpecc, --enable-sp, or --enable- sp-math contain a timing side channel in ECDSA signatu...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very lar...

PT-2022-22329 · Jenkins · Jenkins Testng Results Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TestNG Results Plugin versions 554.va4a552116332 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. It occurs when the Jenkins TestNG Results Plugin renders unescaped test descriptions and...

SUSE-SU-2020:1695-2 Security update for osc

This update for osc to 0.169.1 fixes the following issues: Security issue fixed: - CVE-2019-3681: Fixed an insufficient validation of network-controlled filesystem paths bsc1122675. Non-security issues fixed: - Improved the speed and usability of osc bash completion. - improved some error message...

LinPwn - Interactive Post Exploitation Tool

LinPwn is a interactive tool created to assist you in post exploitation enumeration and privilege escalation. Connection Set your IP and port you want it to connect to in the Connection class. Place the LinPwn binary on the target machine. Run nc -lvp PORT on your machine and then run LinPwn on t...

openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-944)

This update for java-180-openjdk fixes the following issues : - Upgrade to version jdk8u101 icedtea 3.1.0 - New in release 3.1.0 2016-07-25 : - Security fixes - S8079718, CVE-2016-3458: IIOP Input Stream Hooking boo989732 - S8145446, CVE-2016-3485: Perfect pipe placement Windows only boo989734 -...