18 matches found
OESA-2026-2548 systemd security update
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.CVE-2026-40225...
Linux Distros Unpatched Vulnerability : CVE-2026-40225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. CVE-2026-40225 Note that Nessus reli...
CVE-2026-40225
A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
DEBIAN-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
UBUNTU-CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
Incorrect Resource Transfer Between Spheres
Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the udev process. An attacker can gain local root execution by connecting malicious hardware devices that produce unsanitized kernel output. Remediation A fix was pushed into the master...
CVE-2026-40225
The CVE-2026-40225 entry concerns udev in systemd prior to 260, where local root access can result from malicious hardware devices and unsanitized kernel output. The vulnerability affects the systemd/udev component and is described with a CVSSv3.1 base score of 6.4 (MEDIUM), with attack vector Ph...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
CVE-2026-40225
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...
OPENSUSE-SU-2026:20471-1 Security update for systemd
This update for systemd fixes the following issues: Update to systemd v257.13: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. -...
PT-2026-31934
Name of the Vulnerable Software and Affected Versions systemd versions prior to 260 Description In udev, local root execution can occur through the use of malicious hardware devices and unsanitized kernel output. Recommendations Update to version 260 or later...
CVE-2013-4717
Multiple SQL injection vulnerabilities in Open Ticket Request System OTRS Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm,...
CVE-2013-4717
Multiple SQL injection vulnerabilities in Open Ticket Request System OTRS Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm,...
CVE-2008-7282
Kernel/Output/HTML/CustomerNewTicketQueueSelectionGeneric.pm in Open Ticket Request System OTRS before 2.2.6, when the CustomerPanelOwnSelection and CustomerGroupSupport options are enabled, allows remote authenticated users to bypass intended access restrictions, and perform certain 1 list and 2...