Linux Distros Unpatched Vulnerability : CVE-2020-29534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.9.3. iouring takes a non-refcounted reference to the filesstruct of the process that submitted a request,...

Linux Distros Unpatched Vulnerability : CVE-2022-50095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b posix-cpu- timers: Store a reference to a pid not a task started lookin...

easy-linux-pwn

This is a set of Linux binary exploitation tasks for beginners on various architectures. The tasks are designed to be solved using a suggested approach, even if there are other easier ways. The tasks assume a dynamically linked libc with a known binary and require the use of ROP Return-Oriented...

SUSE CVE-2022-50095

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b "posix-cpu-timers: Store a reference to a pid not a task" started looking up tasks by PID when deleting a CPU timer. When a non-leader threa...

UBUNTU-CVE-2022-50095

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b "posix-cpu-timers: Store a reference to a pid not a task" started looking up tasks by PID when deleting a CPU timer. When a non-leader threa...

CVE-2022-50095

The CVE-2022-50095 issue affects the Linux kernel posix-cpu-timers: when a non-leader thread execs, the timer’s task reference may point to the old PID, so exit_itimers cannot disarm armed timers. This could leave timers in the timerqueue_list and, during processing, cause a use-after-free. The r...

Linux Distros Unpatched Vulnerability : CVE-2022-49264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: In several other operating systems, it is a hard requirement that the second argumen...

CVE-2025-0914

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

SUSE CVE-2025-0914

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

CVE-2025-0914

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

CVE-2025-0914 Velociraptor Shell Plugin Prevent_execve Bypass

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

CVE-2025-0914

Velociraptor is affected: Versions earlier than 0.73.4 suffer improper access control in the VQL shell that permits authenticated users to trigger the execve() plugin even when prevent_execve is configured to forbid it. The issue is fixed in release 0.73.4. Practical impact is limited to deployme...

CVE-2025-0914 Velociraptor Shell Plugin Prevent_execve Bypass

An improper access control issue in the VQL shell feature in Velociraptor Versions 0.73.4 allowed authenticated users to execute the execve plugin in deployments where this was explicitly forbidden by configuring the preventexecve flag in the configuration file. This setting is not usually...

Velociraptor 安全漏洞

Velociraptor is a Velocidex open source tool for collecting host-based state information using Velociraptor Query Language VQL queries. A security vulnerability exists in Velociraptor versions prior to 0.73.4 that stems from improper access control and allows execution of the execve plugin...

PT-2025-8961 · Unknown · Velociraptor

Name of the Vulnerable Software and Affected Versions: Velociraptor versions prior to 0.73.4 Description: The issue is related to improper access control in the VQL shell feature, allowing authenticated users to execute the execve plugin even when it is explicitly forbidden by the prevent execve...

CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

DEBIAN-CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

UBUNTU-CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

CVE-2022-49264 exec: Force single empty string when argv is empty

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

CVE-2022-49264 exec: Force single empty string when argv is empty

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...