CVE-2026-45975

A flaw was found in the Linux kernel's ublk subsystem. A local attacker could exploit a race condition where the kernel reads struct ublksrvctrlcmd from userspace-mapped memory without proper synchronization. This allows a malicious user to concurrently write to the structure, potentially causing...

EUVD-2026-32259

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

CVE-2026-46038 net: qrtr: ns: Free the node during ctrl_cmd_bye()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

EUVD-2026-32419

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

CVE-2026-45975 ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

CVE-2026-45975

ublk: use READONCE to read struct ublksrvctrlcmd...

EUVD-2015-3727

Malware in sbrugna...

EUVD-2024-47459

Malicious code in bioql PyPI...

AlmaLinux 9 : golang (ALSA-2025:13935)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:13935 advisory. cmd/go: Go VCS Command Execution Vulnerability CVE-2025-4674 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

CVE-2025-52136

In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability for later Dashboard installation is set b...

CVE-2025-52136

EMQX before 5.8.6 may allow administrators to install arbitrary plugins via the Dashboard; this behavior is described as intended by the supplier. In 5.8.6 a defense‑in‑depth feature was added that controls plugin installation via the CLI command “emqx ctl plugins allow,” which determines a plugi...

PT-2025-20539

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue occurs when the firmware does not support the PDS CORE CMD FW CONTROL command, potentially causing the driver to print...

PT-2023-17864 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write in the dhd prot ioctcmplt process function of dhd msgbuf.c due to improper input validation. This could lead to local escalation of privilege, requiring System...

SUSE CVE-2017-3138

named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of name...

CVE-2022-35505

A segmentation fault in TripleCross v0.1.0 occurs when sending a control command from the client to the server. This occurs because there is no limit to the length of the output of the executed command...

CVE-2022-28387

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design, they can be unlocked by an attacker who can then gain unauthorized access to the stored data. The attacker can simply use an undocumented IOCTL command that retrieves the correct password. This affec...

PT-2022-12417 · Unknown · Globalprotect-Openconnect

Name of the Vulnerable Software and Affected Versions: GlobalProtect-openconnect versions prior to 1.4.3 Description: The issue concerns incorrect access control in GPService through DBUS, GUI Application. This allows arbitrary users to execute commands as root by submitting the --script=...

Command Execution Vulnerability in HkCMS

HKCMS is an open source content management system developed on the basis of Thinkphp 5.0 framework, using an independent grouping approach. HkCMS suffers from a command execution vulnerability that can be exploited by attackers to gain control of the server...