Lucene search
K

929 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.8 views

Ubuntu 26.04 LTS : Linux kernel (OEM) vulnerabilities (USN-8489-1)

"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8489-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag....

9.8CVSS7.3AI score0.93235EPSS
Exploits73References166
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8497-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8497-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...

9.8CVSS7.3AI score0.93235EPSS
Exploits61References322
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.6 views

Ubuntu 24.04 LTS : Linux kernel (Xilinx) vulnerabilities (USN-8499-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8499-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS7.3AI score0.96267EPSS
Exploits287References517
OSV
OSV
added 2026/07/02 4:14 p.m.3 views

USN-8501-1 linux vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS7.1AI score0.00563EPSS
Exploits11References15
OSV
OSV
added 2026/07/02 3:56 p.m.4 views

USN-8499-1 linux-xilinx vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.2AI score0.96267EPSS
Exploits287References517
OSV
OSV
added 2026/07/01 2:46 p.m.7 views

USN-8489-1 linux-oem-7.0 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

9.8CVSS7.2AI score0.93235EPSS
Exploits73References166
OSV
OSV
added 2026/06/26 6:31 p.m.4 views

GHSA-2Q3F-Q5PQ-G8WV Incus has an arbitrary file read+write on host via rootfs/ symlink in malicious image

Summary A specially crafted image can be used to read or create/write arbitrary files on the host; possibly leading to arbitrary command execution. Details Incus validates an image as soon as it sees a normal metadata.yaml and a rootfs/ entry, but full extraction can later process a duplicate...

9.9CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/26 4:23 p.m.35 views

CVE-2026-54636 Dokku: OS Command Injection via app.json managed Cron

Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...

9CVSS0.00274EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.8 views

Ubuntu 26.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8461-1)

The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8461-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...

8.8CVSS7.1AI score0.93235EPSS
Exploits57References19
Ubuntu
Ubuntu
added 2026/06/22 11:17 p.m.9 views

USN-8462-1: Linux kernel (Oracle) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS7.1AI score0.96267EPSS
Exploits283
Ubuntu
Ubuntu
added 2026/06/22 11:1 p.m.9 views

USN-8388-2: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits57
NVD
NVD
added 2026/06/18 7:16 p.m.12 views

CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 6:30 p.m.7 views

CVE-2026-47833

setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...

6.9CVSS5.4AI score0.00125EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 10:34 a.m.4 views

USN-8390-2 linux-azure, linux-gcp, linux-hwe, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits31References2
Ubuntu
Ubuntu
added 2026/06/17 10:34 a.m.18 views

USN-8390-2: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS5.8AI score0.93235EPSS
Exploits31
OSV
OSV
added 2026/06/17 10:27 a.m.4 views

USN-8441-1 linux-aws-hwe, linux-azure, linux-gcp, linux-hwe, linux-oracle vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS6.2AI score0.96267EPSS
Exploits230References7
Ubuntu
Ubuntu
added 2026/06/17 10:27 a.m.21 views

USN-8441-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

7.8CVSS5.7AI score0.96267EPSS
Exploits230
Ubuntu
Ubuntu
added 2026/06/16 10:14 p.m.24 views

USN-8426-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS5.9AI score0.96267EPSS
Exploits283
NVD
NVD
added 2026/06/16 5:16 p.m.11 views

CVE-2024-38487

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions...

7CVSS0.00081EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 4:29 p.m.20 views

CVE-2024-38487

CVE-2024-38487 describes a vulnerability where an api-gateway container running with root privileges could escape the container and access the host system. Affected configuration: containerized api-gateway with root-level execution; root privileges combined with local attack vector enable host ac...

7CVSS5.3AI score0.00081EPSS
Exploits0References1
Rows per page
Query Builder