Exploit for CVE-2026-46333

CVE-2026-46333 Research and educational repository for CVE-...

Malicious code in node-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1593e77b5e2763e7ace49c239accedfe30209faea11bc07cf3901a7253798444 On require'node-ci-utils', index.js runs a top-level init that, on Linux, creates a hidden directory /.local/share/.nodecache/, downloads an opaque...

Astra Linux - уязвимость в firefox, thunderbird

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

Exploit for CVE-2026-31431

CVE-2026-31431 WARNING These PoCs are runtime-destructi...

GHSA-GGC5-46RG-MR4V uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

CVE-2026-35362

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

Linux Distros Unpatched Vulnerability : CVE-2026-35362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of- Use TOCTOU symlink races using file-descriptor-relativ...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

SUSE CVE-2023-4104

An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...

SUSE CVE-2021-29986

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

Mozilla: Arbitrary file read from a compromised content process

The Mozilla Foundation Security Advisory describes this flaw as: An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages. This bug only affects Firefox for Linux. Other operating systems are unaffected...

AZL-11394 CVE-2022-42919 affecting package python3 for versions less than 3.9.19-1

Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

ez-pwnkit A pure-Go implementation of the CVE-2021-4034 Pwn...

Mozilla: Race condition when resolving DNS names could have led to memory corruption

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

Mozilla: Race condition when resolving DNS names could have led to memory corruption

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

CVE-2017-7794

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating system...

XOR Encoder

Mips Web server exploit friendly xor encoder This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasm' class MetasploitModule 'XOR Encoder', 'Description' = %q Mips Web server exploit friendly xor encoder ,...

portbunny (NASL wrapper)

This plugin runs portbunny scan to find open ports. Portbunny is Linux only kernel module port scanner suitable for large internal portscans. This is experimental plugin, use with care. OpenVAS Vulnerability Test $Id: portbunny.nasl 8023 2017-12-07 08:36:26Z teissa $ Use portbunny as scanner...

ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (4)

/ This exploit has been fixed and extensive explanation and clarification added. Cleanup done by: Ian Goldberg Jonathan Wilkins NOTE: the default installation of RedHat 6.2 seems to not be affected due to the compiler options. If BIND is built from source then the bug is able to manifest itself. ...