Lucene search
K

899 matches found

Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.5 views

CVE-2026-43016

In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...

7.8CVSS5.7AI score0.00125EPSS
Exploits0
CVE
CVE
added 2026/05/01 2:14 p.m.14 views

CVE-2026-31734

CVE-2026-31734 (Linux kernel sched_ext) has been fixed. The issue was a false negative where is_bpf_migration_disabled() could be incorrect on systems without CONFIG_PREEMPT_RCU, causing migration_disabled == 1 to be treated as truly migration-disabled even for the current task. The BPF prolog no...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
GithubExploit
GithubExploit
added 2026/04/30 1:55 p.m.92 views

Exploit for CVE-2026-31431

CVE-2026-31431 aka Copy.Fail eBPF workaro...

7.8CVSS5.7AI score0.96267EPSS
Exploits229
NVD
NVD
added 2026/04/24 8:16 p.m.5 views

CVE-2026-41433

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

8.4CVSS0.00194EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/24 7:26 p.m.36 views

CVE-2026-41433 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From 0.4.0 to before 0.8.0, a flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is...

8.4CVSS0.00194EPSS
Exploits1References2
CVE
CVE
added 2026/04/24 7:26 p.m.12 views

CVE-2026-41433

OpenTelemetry eBPF Instrumentation (OpenTelemetry OBI) has a local impact flaw in the Java agent injection path for versions 0.4.0–0.7.x (before 0.8.0). A compromised Java workload can cause arbitrary host file overwrites when Java injection is enabled and OBI runs with elevated privileges. The r...

8.4CVSS5.5AI score0.00194EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013422)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013422 advisory. An out-of-bounds OOB memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special...

7.1CVSS5.8AI score0.01095EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.13 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013423)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013423 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...

7.8CVSS5.8AI score0.00346EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010714)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010714 advisory. A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernels BPF subsystem due to the way a...

7.8CVSS6.7AI score0.00346EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 10:21 p.m.3 views

GHSA-8GMG-3W2Q-65F4 OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...

8.4CVSS5.9AI score0.00194EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/17 10:21 p.m.6 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the findTempDir and copyAgent processes. An attacker can overwrite arbitrary files on the host system by controlling the TMPDIR environment variable in a Java process and leveraging symlink manipulation. This is only...

8.4CVSS6AI score0.00194EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/17 10:21 p.m.7 views

OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...

8.4CVSS5.9AI score0.00194EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.10 views

PT-2026-35073

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions 0.4.0 through 0.7.x Description A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and the...

8.4CVSS5.9AI score0.00194EPSS
Exploits1References8
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.29 views

ML Defender (ARGus NDR): An Open-Source Embedded ML NIDS for Botnet and Anomalous Traffic Detection in Resource-Constrained Organizations

Ransomware and DDoS attacks disproportionately impact hospitals, schools, and small organizations that cannot afford enterprise security solutions. We present ML Defender aRGus NDR, an open-source network intrusion detection system built in C++20, deployable on commodity hardware at approximately...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/25 4:57 p.m.4 views

SUSE CVE-2026-23294

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and devflush run atomically...

7CVSS5.8AI score0.0009EPSS
Exploits0References3
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23284

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Reset prog ptr to oldprog in case of error in mtkxdpsetup Reset eBPF program pointer to oldprog and do not decrease its ref-count if mtkopen routine in mtkxdpsetup fails...

5.5CVSS0.00123EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/12 5:35 p.m.4 views

CVE-2026-31890

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. Prior to 0.50.1, in a situation where the ring-buffer of a gadget is – incidentally or maliciously – already full, the gadget will silently drop events. Th...

4.8CVSS5.8AI score0.00143EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/02/14 12:23 a.m.6 views

SUSE CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS5.6AI score0.0056EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 8:6 p.m.5 views

CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

6.9CVSS5.6AI score0.0056EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/12 8:6 p.m.6 views

CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

6.9CVSS5.6AI score0.0056EPSS
Exploits1References5
Rows per page
Query Builder