Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001952)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001952 advisory. The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mountin...

7.8CVSS7.4AI score0.01061EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000948 advisory. The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a...

7.2CVSS6.8AI score0.00439EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/12/11 7:0 p.m.5 views

CVE-2025-65199

A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local user who is a member of the windscribe group to execute arbitrary commands as root via the 'adapterName' parameter of the 'changeMTU' function. Fixed in Windscribe v2.18.3-alpha and v2.18.8...

7.8CVSS8AI score0.01094EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2001-0753

Malware in sbrugna...

4.6CVSS6.4AI score0.00326EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-5606

Malware in sbrugna...

7.8CVSS7.7AI score0.00389EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-25915

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00178EPSS
Exploits0References1
NVD
NVD
added 2025/08/13 3:15 p.m.4 views

CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

7.8CVSS0.00254EPSS
Exploits0References19
CVE
CVE
added 2025/08/12 4:57 p.m.21 views

CVE-2025-20017

Intel’s CVE-2025-20017 describes an uncontrolled search path vulnerability in some Intel® oneAPI Toolkit and component software installers that could enable privilege escalation via local access for an authenticated user. The issue is discussed in the Intel advisory and is grouped with other rela...

6.7CVSS7.4AI score0.00118EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.11 views

CVE-2019-19726

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

7.8CVSS7.1AI score0.03522EPSS
Exploits12References1
RedhatCVE
RedhatCVE
added 2025/05/16 7:7 p.m.21 views

CVE-2025-0131

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However,...

7.1CVSS6.9AI score0.00132EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-2961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the Linux kernel's PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously...

7CVSS6.7AI score0.00299EPSS
Exploits0References3
OSV
OSV
added 2024/10/16 2:15 p.m.4 views

UBUNTU-CVE-2024-22029

Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root...

7.8CVSS5.8AI score0.00182EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/23 12:0 a.m.52 views

RHEL 8 : kpatch-patch (RHSA-2024:0937)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0937 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...

7CVSS7AI score0.00767EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/01/25 11:4 a.m.3 views

kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00344EPSS
Exploits0References5
OSV
OSV
added 2023/07/05 8:15 p.m.2 views

CVE-2023-36623

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

7.8CVSS5.8AI score0.00288EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/03/07 9:58 a.m.4 views

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00428EPSS
Exploits0References7
OSV
OSV
added 2023/02/16 8:15 p.m.1 views

CVE-2022-26052

Uncontrolled search path element in the IntelR MPI Library before version 2021.6 for IntelR oneAPI HPC Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access...

7.3CVSS5.8AI score0.00175EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.3 views

SUSE CVE-2021-25321

A UNIX Symbolic Link Symlink Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon th...

7.7CVSS6.8AI score0.00441EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2021/08/31 9:26 a.m.3 views

hw: vt-d related privilege escalation

A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is...

8.8CVSS6.7AI score0.00352EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/01/27 12:53 a.m.3 views

sudo: Heap buffer overflow in argument parsing

A flaw was found in sudo. A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command by default, any local user can execute sudo without authentication. Successful exploitation of this flaw coul...

7.8CVSS7.1AI score0.99295EPSS
Exploits81References8
Rows per page
Query Builder