CVE-2026-47330

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

CVE-2026-47327

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops...

EUVD-2026-31252

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

CVE-2026-6843

A flaw was found in nano. A local user could exploit a format string vulnerability in the statusline function. By creating a directory with a name containing printf specifiers, the application attempts to display this name, leading to a segmentation fault SEGV. This results in a Denial of Service...

OESA-2026-1982 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: cups (UTSA-2026-007174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007174 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coer...

vim: Vim: Arbitrary code execution via 'helpfile' option processing

A flaw was found in Vim, an open source, command line text editor. This heap buffer overflow vulnerability exists in the tag file resolution logic when processing the 'helpfile' option. A local user could exploit this by providing a specially crafted 'helpfile' option value, leading to a heap...

CVE-2026-33179

A flaw was found in libfuse. A local user can exploit a NULL pointer dereference and memory leak vulnerability during the setup of the iouring input/output mechanism. This can occur when memory allocation or queue registration fails, leading to the FUSE daemon crashing or resource exhaustion. Thi...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004155 advisory. A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003573 advisory. In the Linux kernel before 5.1.17, ptracelink in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003165 advisory. The acpinsevaluate function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and causes a kernel stack dump, which...

CVE-2010-0002

The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LSOPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename...

CVE-2001-1530

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...

CVE-2003-1134

Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service JVM crash, possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception...

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

CVE-2023-45175

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 267973...

CVE-2023-45171

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. IBM X-Force ID: 267969...

CVE-2023-45165

IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963...

CVE-2020-7330

Privilege Escalation vulnerability in McAfee Total Protection MTP trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables...

CVE-1999-0135

admintool in Solaris allows a local user to write to arbitrary files and gain root access...