Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2026/03/20 5:25 p.m.7 views

tar-rs `unpack_in` can chmod arbitrary directories by following symlinks

Summary When unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball containing a symlink entry followed by a directory entry with the same name causes...

6.5CVSS5.9AI score0.00379EPSS
Exploits1References5Affected Software1
OSV
OSVadded 2025/09/15 7:3 p.m.14 views

CLSA-2025-1757963029 kernel-uek: Fix of 194 CVEs

rds: tcp: block BH in TCP callbacks - kexec: Improve & fix crashexcludememrange to handle overlapping ranges - module: correctly exit modulekallsymsoneachsymbol when fn != 0 - module: potential uninitialized return in modulekallsymsoneachsymbol - module: use RCU to synchronize findmodule -...

9.8CVSS7.2AI score0.0187EPSS
Exploits12References1
CVE
CVEadded 2025/08/19 5:3 p.m.45 views

CVE-2025-38578

CVE-2025-38578 is a Linux kernel vulnerability related to f2fs use-after-free in f2fs_sync_inode_meta, as discussed in the initial description. The issue arises in the writeback path via f2fs_inode_synced/update_inode/write_inode, leading to a use-after-free condition detected by KASAN. A fix has...

5.5CVSS7.1AI score0.00155EPSS
Exploits0References11Affected Software1
Cvelist
Cvelistadded 2025/08/19 5:3 p.m.8 views

CVE-2025-38578 f2fs: fix to avoid UAF in f2fs_sync_inode_meta()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...

0.00155EPSS
Exploits0References9
NVD
NVDadded 2025/06/18 11:15 a.m.3 views

CVE-2022-50004

In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst-dev xmit null pointer dereference When we try to transmit an skb with metadatadst attached i.e. dst-dev == NULL through xfrm interface we can hit a null pointer dereference1 in xfrmixmit2 -...

5.5CVSS0.00205EPSS
Exploits0References4
SUSE Linux
SUSE Linuxadded 2025/03/13 12:44 p.m.1 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2021-47633: ath5k: fix OOB in ath5keepromreadpcalinfo5111 bsc1237768. CVE-2022-49080: mm/mempolicy: fix mpolnew leak in sharedpolicyreplace bsc1238033...

8.6CVSS8AI score0.00576EPSS
Exploits1References64
SUSE CVE
SUSE CVEadded 2024/11/19 3:48 a.m.3 views

SUSE CVE-2024-52867

guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...

8.1CVSS7AI score0.00228EPSS
Exploits0References3
Rows per page
Query Builder