Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

RedHat Linux
RedHat Linuxadded 6 days ago12 views

Important: Red Hat Security Advisory: Satellite 6.16.9 Async Update

An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.1CVSS7.7AI score0.00522EPSS
Exploits3References11
OSV
OSVadded 2026/06/11 12:5 p.m.13 views

RLSA-2026:24716 Important: yggdrasil security update

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: crypto/x509: golang: Go crypto/x509: Denial of...

7.8CVSS7.4AI score0.00378EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/06/09 7:7 a.m.19 views

Important: Red Hat Security Advisory: yggdrasil security update

An update for yggdrasil is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.5CVSS5.7AI score0.00378EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.11 views

Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2026-3323 (ALAS-2026-3323)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300066.2-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3323 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in...

9.8CVSS6AI score0.00685EPSS
Exploits1References38
Tenable Nessus
Tenable Nessusadded 2026/06/05 12:0 a.m.9 views

RockyLinux 10 : image-builder (RLSA-2026:22937)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22937 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

10CVSS6.9AI score0.00765EPSS
Exploits2References17
OSV
OSVadded 2026/05/29 4:3 p.m.9 views

RLSA-2026:19133 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...

7.8CVSS7.3AI score0.0052EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.17 views

RockyLinux 9 : opentelemetry-collector (RLSA-2026:19353)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:19353 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go:...

9.1CVSS5.8AI score0.00522EPSS
Exploits1References17
Rockylinux
Rockylinuxadded 2026/05/28 3:43 p.m.15 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...

7.5CVSS7.3AI score0.0052EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/05/14 12:0 a.m.7 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-102 (ALASNITRO-ENCLAVES-2026-102)

The version of runc installed on the remote host is prior to 1.3.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-102 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...

9.8CVSS6AI score0.00536EPSS
Exploits0References18
RedHat Linux
RedHat Linuxadded 2026/05/13 3:12 p.m.8 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
OSV
OSVadded 2026/05/13 12:0 a.m.7 views

ALSA-2026:17075 Important: yggdrasil security update

yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: golang: internal/syscall/unix: Root.Chmod can...

7.5CVSS7.3AI score0.00449EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2026/05/08 12:0 a.m.5 views

MiracleLinux 8 : grafana-pcp-5.1.1-14.el8_10 (AXSA:2026-569:07)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-569:07 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

7.5CVSS7.4AI score0.00449EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/05/06 3:34 p.m.11 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.3AI score0.00449EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.6 views

Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2026-112 (ALASDOCKER-2026-112)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-112 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compil...

9.8CVSS6.8AI score0.00536EPSS
Exploits0References22
RedhatCVE
RedhatCVEadded 2026/04/24 8:16 p.m.3 views

CVE-2026-35338

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS5.5AI score0.00175EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/22 6:31 p.m.7 views

EUVD-2026-24963

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS5.9AI score0.00175EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/04/22 6:31 p.m.24 views

uutils coreutils allows users to bypass the --preserve-root safety mechanism

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS5.5AI score0.00175EPSS
Exploits0References5Affected Software1
NVD
NVDadded 2026/04/22 5:16 p.m.8 views

CVE-2026-35338

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS0.00175EPSS
Exploits0References2
CVE
CVEadded 2026/04/22 4:7 p.m.13 views

CVE-2026-35338

Summary: CVE-2026-35338 affects the chmod utility in the uutils coreutils package. The vulnerability arises because the implementation only checks if the target path is exactly “/” and does not canonicalize the path, allowing path variants like “/../” or symbolic links to bypass --preserve-root. ...

7.3CVSS5.9AI score0.00175EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/04/22 4:7 p.m.27 views

CVE-2026-35338 uutils coreutils chmod Path Traversal Bypass of --preserve-root

A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not canonicalize the path. An attacker or accidental user can use path variants such as /../ or symbol...

7.3CVSS0.00175EPSS
Exploits0References2
Rows per page
Query Builder