CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed the acl memory leak in posixaclcreate When reviewing another nfs xfstests report, I found that errors related to acl and defaultACL in nfs3proccreate and nfs3procmknod might be exposed. These issues need to be...

5.5CVSS5.9AI score0.00011EPSS

Exploits0References2

Github Security Blog•added 2026/04/22 6:31 p.m.•3 views

uutils coreutils has an Improper Preservation of Permissions issue

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::removedir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind wi...

4.4CVSS5.2AI score0.00018EPSS

Exploits1References5Affected Software1

OSV•added 2026/04/22 6:31 p.m.•2 views

GHSA-67HP-F6HQ-2H6G uutils coreutils Uses Incorrectly-Resolved Name or Reference

The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block device nodes as stream sources rather than preserving them. Because the implementation reads bytes into regular files at the destination instead of using mknod, device semantics are...

4.4CVSS5.8AI score0.00014EPSS

Exploits1References6

OSV•added 2026/04/22 6:31 p.m.•2 views

GHSA-79RC-QPW3-JV92 uutils coreutils has an Improper Preservation of Permissions issue

3.4CVSS5.8AI score0.00018EPSS

Exploits1References5

EUVD•added 2026/04/22 6:31 p.m.•1 views

EUVD-2026-25004

3.4CVSS5.8AI score0.00018EPSS

Exploits1References3

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-35361

4.4CVSS0.00018EPSS

Exploits1References2

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-35358

5.5CVSS0.00014EPSS

Exploits1References3

UbuntuCve•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-35361

4.4CVSS5.8AI score0.00018EPSS

Exploits1References2

OSV•added 2026/04/22 5:16 p.m.•2 views

UBUNTU-CVE-2026-35361

4.4CVSS5.8AI score0.00018EPSS

Exploits1References3

CVE•added 2026/04/22 4:8 p.m.•5 views

CVE-2026-35361

The CVE-2026-35361 issue affects the mknod utility in uutils coreutils. It describes non-atomic handling of security labels for created device nodes: mknod creates the nodes before applying the SELinux context, and on labeling failure attempts cleanup via std::fs::remove_dir, which cannot remove ...

4.4CVSS5.8AI score0.00018EPSS

Exploits1References2Affected Software1

Debian CVE•added 2026/04/22 4:8 p.m.•1 views

CVE-2026-35361

4.4CVSS5.3AI score0.00018EPSS

Exploits1

ATTACKERKB•added 2026/04/22 4:8 p.m.•1 views

CVE-2026-35361

3.4CVSS5.8AI score0.00018EPSS

Exploits1References3

EUVD•added 2026/04/22 3:31 p.m.•1 views

EUVD-2026-24784

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

5.7AI score0.00076EPSS

Exploits0References7

ATTACKERKB•added 2026/04/22 1:53 p.m.•1 views

CVE-2026-31448

5.7AI score0.00076EPSS

Exploits0References7Affected Software1

CVE•added 2026/04/22 1:53 p.m.•9 views

CVE-2026-31448

CVE-2026-31448 concerns the Linux kernel ext4 filesystem. The issue arises on mkdir/mknod when an extent insertion fails and ext4_ext_map_blocks() reclaims blocks without removing corresponding data from the extent tree, allowing the same physical block to be referenced by both directory and xatt...

9.4CVSS5.7AI score0.00076EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/04/22 12:0 a.m.•1 views

PT-2026-34497

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind...

3.4CVSS5.8AI score0.00018EPSS

Exploits1References3

Tenable Nessus•added 2026/04/22 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-35361

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails,...

4.4CVSS5.8AI score0.00018EPSS

Exploits1References3

CNNVD•added 2026/04/22 12:0 a.m.•4 views

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability arises from the process of creating device nodes using mknod and setting SELinux contexts. As a result, nodes with incorrect markings may b...

4.4CVSS5.8AI score0.00018EPSS

Exploits1References1

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

MiracleLinux 4 : busybox-1.15.1-20.AXS4 (AXSA:2014-023:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-023:01 advisory. Busybox is a single binary which includes versions of a large number of system commands, including a shell. This package can be very useful for recovering fro...

7.2CVSS5.6AI score0.00093EPSS

Exploits5References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2009-1073

Malware in sbrugna...

4.9CVSS4.5AI score0.00591EPSS

Exploits0References36

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by