USN-8098-9: Linux kernel (IBM) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8098-9 linux-ibm-5.4 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

CVE-2026-33747

CVE-2026-33747 affects BuildKit prior to v0.28.1. When using a custom BuildKit frontend, an untrusted frontend can craft an API message to cause files to be written outside the BuildKit state directory for the execution context, potentially enabling local privilege escalation or unauthorized file...

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

CVE-2026-33747 BuildKit vulnerable to malicious frontend causing file escape outside of storage root

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

CVE-2026-33747

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for...

Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8126-1)

"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8126-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

CVE-2026-30302

The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser the Unix-based shell-quote library to analyze commands on the...

CVE-2026-30302

The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser the Unix-based shell-quote library to analyze commands on the...

CVE-2026-30303

CVE-2026-30303 concerns Axon Code’s command auto-approval module, which is vulnerable to OS Command Injection. The root cause is the use of an incompatible Unix-style command parser (shell-quote) on Windows, coupled with improper handling of Windows CMD escape sequences (^). This mismatch allows ...

CVE-2026-30303

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser the Unix-based shell-quote library to analyze commands on the...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-8125-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8125-1 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

Linux Distros Unpatched Vulnerability : CVE-2025-2509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process,...

CVE-2026-33751

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In workflows where external...

[SECURITY] [DLA 4510-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4510-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 26, 2026 https://wiki.debian.org/LTS -...

CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

CVE-2026-3108

A flaw was found in Mattermost. This vulnerability in the mmctl command-line interface allows attackers to manipulate administrator terminals. By sending specially crafted messages containing ANSI and Operating System Command OSC escape sequences, an attacker can enable screen manipulation, displ...

Mattermost allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...