CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

CVE-2025-71216

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

CLEANSTART-2026-VJ54611 Security fixes for CVE-2025-13281, CVE-2025-47950, CVE-2025-5187, CVE-2025-58063, CVE-2025-64702, CVE-2025-68151, CVE-2026-26017, CVE-2026-26018, CVE-2026-32934, CVE-2026-32936, CVE-2026-33190, CVE-2026-33489, CVE-2026-33811, CVE-2026-33814, CVE-2026-35579, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-2wpx-qpw2-g5h5, ghsa-4x4m-3c2p-qppc, ghsa-527x-5wrf-22m2, ghsa-63cw-r7xf-jmwr, ghsa-93mf-426m-g6x9, ghsa-c9v3-4pv7-87pr, ghsa-cvx7-x8pj-x2gw, ghsa-g754-hx8w-x2g6, ghsa-h75p-j8xm-m278, ghsa-h8mm-c463-wjq3, ghsa-qhmp-q7xh-99rh, ghsa-r6j8-c6r2-37rr, ghsa-vp29-5652-4fw9 applied in versions: 1.25.0-r2

Multiple security vulnerabilities affect the kubernetes-dns-node-cache package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-SL86558 Security fixes for CVE-2024-7598, CVE-2026-32934, CVE-2026-32936, CVE-2026-33190, CVE-2026-33489, CVE-2026-33811, CVE-2026-33814, CVE-2026-35579, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, ghsa-2wpx-qpw2-g5h5, ghsa-63cw-r7xf-jmwr, ghsa-h8mm-c463-wjq3, ghsa-qhmp-q7xh-99rh, ghsa-vp29-5652-4fw9 applied in versions: 1.26.8-r0, 1.26.8-r1

Multiple security vulnerabilities affect the kubernetes-dns-node-cache package. These issues are resolved in later releases. See references for individual vulnerability details...

Possible cache poisoning via promiscuous records for the authority section

...

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...

PT-2026-42812

Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description A race condition in the magick -distribute-cache service allows a remote attacker to hijack a file descriptor within the server process. Recommendations At the moment, there is no...

PT-2026-42568

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.0 Description Cross Site Request Forgery CSRF is possible at the 'concrete/controllers/dialog/page/bulk/cache' endpoint. CSRF is a type of attack that tricks a victim into submitting a malicious request. It...

PT-2026-42588

Description IntlExtension memoises every IntlDateFormatter and NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the format datetime / format date / format time / format number / format...

PT-2026-42680

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

PT-2026-42811

Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description An attacker capable of connecting to a magick -distribute-cache service can trigger a heap buffer over-write within the server process. A heap buffer over-write occurs when a program writ...

📄 dompdf Remote Code Execution

This Metasploit module exploits CVE-2022-28368, a remote code execution vulnerability in dompdf versions prior to 1.2.1. The vulnerability exists because dompdf preserves the original file extension when caching fonts downloaded via CSS @font-face rules. By pointing a @font-face src to a .php fil...

Fedora 42 : kernel (2026-32ae3b7199)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-32ae3b7199 advisory. The 6.19.14-107 update contains a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability. Tenable has extracted the preceding description block direct...

UFONet 2.0

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc...

PT-2026-42622

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

PT-2026-42814

Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description An attacker capable of connecting to a magick -distribute-cache service can trigger a heap buffer over-read in the server process. A heap buffer over-read occurs when a program reads data...

F5 Networks BIG-IP : BIG-IP DNS Cache vulnerability (K000160945)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000160945 advisory. When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffi...