54604 matches found
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed the destruction of kthread workers in polling mode. The cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreadDestroyWorker before...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: power: supply: bq27xxx: Fixed handling of pollinterval and races during removal operations. Before this patch, bq27xxxbatteryteardown set pollinterval to 0 to avoid requeuing the delayedwork item during bq27xxxbatteryupdate...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10, linux-5.15, linux-6.1
A flaw was discovered in the parsing of extended attributes in the kernelās ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to data being read beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10, linux
A flaw was discovered in the Linux kernelās implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a āuse-after-freeā condition, potentially allowing them to escala...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² apache2
Some modproxy configurations on the Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP Request Smuggling attack. These configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch, where a non-specific pattern matches a portion of the...
MAL-2026-4493 Malicious code in axiosqqq (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9cf5bc7a896b21f9af923c60b9283758bf46d4fb279f752a42bae43bb6006aa Package name axiosqqq is a 3-character-suffix typosquat of axios and ships axios's verbatim source, README, and CHANGELOG to impersonate the legitima...
SUSE CVE-2024-4032
The āipaddressā module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as āglobally reachableā or āprivateā. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...
Malicious code in ethers-wallet-packages (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beda1480a40189cc8177ace4e3d6fd9773ad81f4cbe5a6c07e3004427846dc8d The package impersonates the legitimate @ethersproject/wallet source files are otherwise verbatim copies, including the internal version string...
CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
ALPINE-CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
EUVD-2026-31010
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619 Rsync < 3.4.3 Symlink Race Condition via Path-Based Syscalls
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
CVE-2026-43619
Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...
PT-2026-42369
Nuclei: Local File Read via require Module Loader Bypass in github.com/projectdiscovery/nuclei...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-8280-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8280-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...
PT-2026-42119
Name of the Vulnerable Software and Affected Versions FreePBX affected versions not specified Description Hardcoded credentials in the Userman module allow unauthenticated access to the portal, potentially exposing business phone systems. Recommendations Update the installed modules to the latest...
Linux Distros Unpatched Vulnerability : CVE-2026-43619
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir,...