Oracle Linux 10 : systemd (ELSA-2026-13651)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13651 advisory. 257-13.0.1.el101.3 - Fix detection of Oracle Virtualization or BM envs Orabug: 37531877 - Avoid udevadm warnings when using udev valid configs Orabug: 3750319...

systemd security update

252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...

JLSEC-2026-212

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

SUSE CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

CVE-2026-27456

A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the mount program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use TOCTOU window where an attacker can substitute th...

ALPINE-CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

UBUNTU-CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

EUVD-2026-18864

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

PT-2026-30240

Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.41.4 Description A Time-of-Check-Time-of-Use TOCTOU vulnerability exists in the SUID binary /usr/bin/mount within util-linux. When setting up loop devices, the binary validates a file path with user privileges bu...

systemd security update

252-55.0.3.7 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug:...

EUVD-2014-3971

Malware in sbrugna...

EUVD-2014-3862

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-27187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus...

Security update for systemd

This update for systemd fixes the following issues: CVE-2025-4598: Race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. CVE-2023-26604: Privilege escalation via the less pager bsc1208958. CVE-2022-4415: systemd-coredump wa...

WordPress plugin Filestack Official 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

PT-2024-17014 · Filestack · Filestack Official Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Filestack Official plugin for WordPress versions up to, and including, 2.0.0 Description: The issue is related to Reflected Cross-Site Scripting via the fstab and filestack options parameters due to insufficient input sanitization and output...

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

SUSE CVE-2014-4040

snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...

SUSE CVE-2020-27187

An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...