Lucene search
K

1709 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.32 views

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2132)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

7.8CVSS7AI score0.0071EPSS
Exploits7References506
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.18 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2171)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid...

7.8CVSS8.2AI score0.0071EPSS
Exploits7References506
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-45252

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

5.5CVSS5.6AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 3:48 p.m.7 views

OESA-2026-2557 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: 'This vulnerability was fixed in Kata Containers 3.31.0:', 'Description:\n\nIn the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd\nas root with --sandbox none --seccom...

5.7AI score0.00067EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-48711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - sshfs-fuse - None Ubuntu Linux - Unknown description CVE-2026-48711 Note that Nessus relies on the presence of the package as reported by the...

5.5AI score0.00021EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-47187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - sshfs-fuse - None Ubuntu Linux - Unknown description CVE-2026-47187 Note that Nessus relies on the presence of the package as reported by the...

5.5AI score0.00031EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/27 10:50 p.m.15 views

Kata guest escape: runtime-rs guest-root to host-root escape via virtiofs

Summary In the runtime-rs standalone virtio-fs path, verified here with QEMU and verified with Cloud Hypervisor too, Kata Containers runs host virtiofsd as root with: --sandbox none --seccomp none If an attacker has root-equivalent execution inside the Kata guest VM, they can send raw FUSE reques...

6AI score0.00067EPSS
Exploits0References4Affected Software1
Wolfi
Wolfi
added 2026/05/22 7:48 p.m.25 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: newrelic-infrastructure-agent, rancher-helm, skaffold, k8ssandra-client, linkerd2, headlamp, docker-cli-buildx, teleport, gogatekeeper, datadog-agent, fuse-overlayfs-snapshotter, syft, trivy, trivy-operator, dagger, kubescape-operator, osv-scanner, wolfictl, zarf,...

7.8CVSS5.9AI score0.00221EPSS
Exploits1
Chainguard
Chainguard
added 2026/05/22 7:17 p.m.16 views

CVE-2026-46680 vulnerabilities

Vulnerabilities for packages: cloudbeat, linkerd2-fips, envoy-gateway, spegel, headlamp, datadog-agent, containerd, neuvector-scanner-fips, helm-set-status, xeol-fips, livekit-cli, opa-envoy, neuvector-fips, trivy, k3s, envoy-gateway-fips, kube-mgmt-fips, chartmuseum, tigera-operator-fips,...

7.8CVSS5.9AI score0.00221EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/05/21 9:8 a.m.12 views

CVE-2026-45252 Heap overflow in FUSE_LISTXATTR

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

5.8AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/21 9:8 a.m.35 views

CVE-2026-45252 Heap overflow in FUSE_LISTXATTR

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

0.00284EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/21 9:8 a.m.14 views

EUVD-2026-31254

When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings. The fusefs kernel...

5.5CVSS5.8AI score0.00284EPSS
Exploits0References1
CVE
CVE
added 2026/05/21 9:8 a.m.66 views

CVE-2026-45252

CVE-2026-45252 : In fusefs, when extended attributes are queried via FUSE_LISTXATTR, the kernel may call strlen() on a daemon-provided buffer without ensuring the list is fully NUL-terminated. If the list is not NUL-terminated, the fusefs kernel module may read past the end of a heap buffer and p...

5.5CVSS5.8AI score0.00284EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.13 views

PT-2026-42401

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description The ptracePT SC REMOTE function failed to properly validate parameters for the syscall2 and syscall2 meta-system calls. This allows a user with debugging capabilities to trigger arbitrary cod...

8.4CVSS6.3AI score0.00196EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.9 views

FreeBSD : FreeBSD -- Heap overflow in FUSE_LISTXATTR (3cc34467-54b6-11f1-8d7a-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3cc34467-54b6-11f1-8d7a-bc241121aa0a advisory. When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message t...

5.5CVSS5.5AI score0.00284EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Fuse: Abort on fatal signal during sync init When sync init is used and the server exits for some reason e.g., error, crash, the filesystem creation will hang during the processing of FUSEINIT. The reason for this issue is that...

5.5CVSS5.6AI score0.00115EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ntfs-3g

An invalid return code in fusekernmount allows for the interception of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...

6.7CVSS6.9AI score0.00417EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in glusterfs

In Gluster GlusterFS 11.0, there is a stack-based buffer over-read issue in xlators/mount/fuse/src/fuse-bridge.c...

7.5CVSS7.5AI score0.00914EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2026/05/20 12:0 a.m.13 views

FreeBSD -- Heap overflow in FUSE_LISTXATTR

Problem Description: When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated strings...

5.5CVSS5.8AI score0.00284EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.11 views

FreeBSD Security Advisory - FreeBSD-SA-26:20.fusefs

FreeBSD Security Advisory - When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated...

5.5CVSS5.9AI score0.00284EPSS
Exploits0
Rows per page
Query Builder