57 matches found
CVE-2026-46748
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the capdacoverride capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...
PT-2026-47734
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the cap dac override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtw89: pci: Configure manual DAC mode via PCI config API only To support 36-bit DMA, configure the chip’s proprietary bit via the PCI config API or the chip’s DBI interface. However, the PCI device’s mmap is not set yet, an...
CVE-2026-2460
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so...
SUSE-SU-2026:0628-1 Security update 5.1.2 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization around source building golang-github-boynux-squidexporter: - Update to version 1.13.0 jscPED-14971 - Add support for squid-internal-mgr path for metrics. - Update to version...
CVE-2026-2460
A vulnerability exists in REB500 for an authenticated user with low-level privileges to access and alter the content of directories by using the DAC protocol that the user is not authorized to do so...
CVE-2026-2460
CVE-2026-2460 affects REB500. An authenticated user with low privileges can use the DAC protocol to access and alter directory content to which they are not authorized. The documented impact includes high confidentiality and integrity risks (per CVSS 4.0, base score 7.6). Exploit details, affecte...
CVE-2026-23092
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
CVE-2026-23092
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
CVE-2026-23092
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
CVE-2026-23092 iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
Linux Distros Unpatched Vulnerability : CVE-2026-23092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to th...
PIONEER USB DAC Amplifier和PIONEER Stellanova 代码问题漏洞
PIONEER USB DAC Amplifier and PIONEER Stellanova are both products of PIONEER Corporation, Japan.PIONEER USB DAC Amplifier is a line of hi-fi audio devices.PIONEER Stellanova is a line of audio systems. A code issue vulnerability exists in PIONEER USB DAC Amplifier and PIONEER Stellanova, which...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990918)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990918 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989152)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989152 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can...
Linux Distros Unpatched Vulnerability : CVE-2022-23132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - During Zabbix installation from RPM, DACOVERRIDE SELinux capability is in use to access PID files in /var/run/zabbix folder. In this case, Zabbix Proxy or Serve...
DEBIAN-CVE-2025-38284
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: configure manual DAC mode via PCI config API only To support 36-bit DMA, configure chip proprietary bit via PCI config API or chip DBI interface. However, the PCI device mmap isn't set yet and the DBI is also...
CVE-2025-38284
CVE-2025-38284 affects the Linux kernel wifi driver rtW89 via PCI config DAC handling. The issue: 36-bit DMA support depends on a chip‑proprietary bit accessible through PCI config API or DBI; when mmap is NULL, a page fault occurs and the kernel trace shows a BUG in rtw89_pci_ops_write16 leading...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...