Lucene search
K

907 matches found

Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.11 views

PT-2026-35073

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions 0.4.0 through 0.7.x Description A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and the...

8.4CVSS5.9AI score0.00194EPSS
Exploits1References8
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.31 views

ML Defender (ARGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations

Ransomware and DDoS attacks disproportionately impact hospitals, schools, and small organizations that cannot afford enterprise security solutions. We present ML Defender aRGus NDR, an open-source network intrusion detection system built in C++20, deployable on commodity hardware at approximately...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/25 4:57 p.m.4 views

SUSE CVE-2026-23294

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...

7CVSS5.8AI score0.0009EPSS
Exploits0References3
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23284

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Reset prog ptr to oldprog in case of error in mtkxdpsetup Reset eBPF program pointer to oldprog and do not decrease its ref-count if mtkopen routine in mtkxdpsetup fails...

5.5CVSS0.00123EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/03/12 5:35 p.m.4 views

CVE-2026-31890

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. Prior to 0.50.1, in a situation where the ring-buffer of a gadget is – incidentally or maliciously – already full, the gadget will silently drop events. Th...

4.8CVSS5.8AI score0.00143EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/14 12:23 a.m.6 views

SUSE CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS5.6AI score0.0056EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 8:6 p.m.5 views

CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

6.9CVSS5.6AI score0.0056EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/12 8:6 p.m.9 views

CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

6.9CVSS5.6AI score0.0056EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2026/01/19 4:34 p.m.5 views

Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...

9.2CVSS7.5AI score0.00193EPSS
Exploits1References28
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001520 advisory. It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod...

7.8CVSS7AI score0.00282EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004488)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004488 advisory. A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A loc...

4.4CVSS6.6AI score0.00236EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001564 advisory. A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A loc...

4.4CVSS6.6AI score0.00236EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001559)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001559 advisory. This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to...

8.8CVSS8.2AI score0.00972EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001401)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001401 advisory. preallocelemsandfreelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow wit...

7.8CVSS6.7AI score0.0038EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.13 views

CVE-2022-31264

Solana solanarbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program...

7.5CVSS7.2AI score0.01274EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/01/06 12:25 a.m.27 views

SUSE CVE-2025-64715

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...

5.5CVSS6.8AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-27649

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ethernet functionality within the mtk eth soc module. Specifically, the issue concerns the handling of the eBPF program pointer during the mt...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References21
Debian CVE
Debian CVE
added 2025/11/12 10:23 a.m.4 views

CVE-2025-40143

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

5.4AI score0.00241EPSS
Exploits0
Fedora
Fedora
added 2025/11/09 3:19 a.m.8 views

[SECURITY] Fedora 42 Update: bpfman-0.5.4-3.fc42

bpfman operates as an eBPF manager, focusing on simplifying the deployment and administration of eBPF programs...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989906)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989906 advisory. In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpfxdplinkrelease The problem occurs between devgetbyindex and...

5.5CVSS5.5AI score0.00226EPSS
Exploits0References4
Rows per page
Query Builder