70 matches found
CVE-2026-41035
In rsync 3.0.1 through 3.4.1, receivexattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X aka --xattrs. On Linux, many but not all common configurations are vulnerable. Non-Linux platforms are more widely vulnerable...
GHSA-VMWF-M9C5-3JVC Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in...
CVE-2024-11604
Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...
GHSA-CRJQ-WM6X-6QX7 .NET Elevation of Privilege Vulnerability
Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their...
CVE-2026-3100
CVE-2026-3100 affects ASUSTOR ADM FTP Backup running on Linux/x86/ARM (64‑bit). The issue is improper certificate validation in ADM FTP Backup, enabling sniffing attacks over the network. Affected versions are ADM 4.1.0–4.3.3.ROF1 and 5.0.0–5.1.2.RE51. The CVSS base score is 8.3 (HIGH) with netwo...
EUVD-2014-0922
Malware in sbrugna...
EUVD-2019-0868
Malware in sbrugna...
EUVD-2008-3510
Malware in sbrugna...
EUVD-2011-1127
Malware in sbrugna...
NewStart CGSL MAIN 6.06 : initscripts Vulnerability (NS-SA-2025-0229)
The remote NewStart CGSL host, running version MAIN 6.06, has initscripts packages installed that are affected by a vulnerability: - rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or...
Linux Distros Unpatched Vulnerability : CVE-2017-2362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. Safari before 10.0.3 is affected. tvOS before 10.1.1 is affected. The issue...
Linux Distros Unpatched Vulnerability : CVE-2017-5071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android allowed a remot...
Linux Distros Unpatched Vulnerability : CVE-2017-9832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability in ptp-pack.c ptpunpackOPL function of libmtp version 1.1.12 and below allows attackers to cause a denial of service...
HTTPS Fetch, Linux Reboot
Fetch and execute an MIPSBE payload from an HTTPS server. A very small shellcode for rebooting the system. This payload is sometimes helpful for testing purposes or executing other payloads that rely on initial startup procedures. Requires CAP_SYS_BOOT privileges. Module Options msf use...
IBM Db2 Security Vulnerability
IBM Db2 is a relational database management system from International Business Machines (IBM). The system's execution environments are mainly UNIX, Linux, IBM i, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that can be exploited by an attacker to cause a...
CyberPanel upgrademysqlstatus authentication bypass and command injection
Added: 11/07/2024 Background CyberPanel is a web hosting control panel. Problem A pair of vulnerabilities in the upgrademysqlstatus web resource could allow a remote attacker to bypass authentication using a PUT request and execute arbitrary commands with a specially crafted statusfile parameter...
Moderate: Red Hat Security Advisory: Release of openshift-serverless-clients kn 1.33.1 security update and bug fixes
Red Hat openshift-serverless-clients kn 1.33.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Client tkn for 1.15.0 release
Red Hat OpenShift Pipelines Client tkn for 1.15.0 has been released. Red Hat OpenShift Pipelines Client, tkn for the 1.15.0 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.15.0. The tkn CLI tool is delivered as an RPM...
[SECURITY] Fedora 39 Update: libell-0.63-1.fc39
The Embedded Linux Library (ELL) provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...
Remote Code Execution (RCE)
Overview: Affected versions of this package are vulnerable to Remote Code Execution (RCE). A vulnerability exists in NuGet where a race condition can lead to a symlink attack. Note: Non-Linux platforms are not affected. Remediation: There is no fixed version for Microsoft.Build.NuGetSdkResolver...