Oracle Linux 10 : systemd (ELSA-2026-13651)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13651 advisory. 257-13.0.1.el101.3 - Fix detection of Oracle Virtualization or BM envs Orabug: 37531877 - Avoid udevadm warnings when using udev valid configs Orabug: 3750319...

systemd security update

252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...

JLSEC-2026-212

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

SUSE CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

CVE-2026-27456

A flaw was found in util-linux. When an /etc/fstab entry is configured with the user,loop options, the mount program checks the file path with user permissions but later opens it with root privileges. This creates a brief Time-of-Check-Time-of-Use TOCTOU window where an attacker can substitute th...

ALPINE-CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

UBUNTU-CVE-2026-27456

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

EUVD-2026-18864

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup

util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privilege...

PT-2026-30240

Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.41.4 Description A Time-of-Check-Time-of-Use TOCTOU vulnerability exists in the SUID binary /usr/bin/mount within util-linux. When setting up loop devices, the binary validates a file path with user privileges bu...

systemd security update

252-55.0.3.7 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug:...

EUVD-2014-3971

Malware in sbrugna...

EUVD-2014-3862

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-27187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus...

Security update for systemd

This update for systemd fixes the following issues: CVE-2025-4598: Race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump bsc1243935. CVE-2023-26604: Privilege escalation via the less pager bsc1208958. CVE-2022-4415: systemd-coredump wa...

PT-2024-17014 · Filestack · Filestack Official Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Filestack Official plugin for WordPress versions up to, and including, 2.0.0 Description: The issue is related to Reflected Cross-Site Scripting via the fstab and filestack options parameters due to insufficient input sanitization and output...

WordPress plugin Filestack Official 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

SUSE CVE-2014-4040

snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...

SUSE CVE-2020-27187

An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcoreexternalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related...