Lucene search
K

107 matches found

Fedora
Fedora
added 3 days ago7 views

[SECURITY] Fedora 43 Update: tmux-3.7b-3.fc43

tmux is a "terminal multiplexer." It enables a number of terminals or windows to be accessed and controlled from a single terminal. tmux is intended to be a simple, modern, BSD-licensed alternative to programs such as GNU Screen...

4.5CVSS6.1AI score0.00124EPSS
Exploits0
Fedora
Fedora
added 5 days ago6 views

[SECURITY] Fedora 43 Update: tmux-3.7-3.fc43

tmux is a "terminal multiplexer." It enables a number of terminals or windows to be accessed and controlled from a single terminal. tmux is intended to be a simple, modern, BSD-licensed alternative to programs such as GNU Screen...

4.5CVSS5.9AI score0.00124EPSS
Exploits0
Fedora
Fedora
added 5 days ago6 views

[SECURITY] Fedora 44 Update: tmux-3.7-2.fc44

tmux is a "terminal multiplexer." It enables a number of terminals or windows to be accessed and controlled from a single terminal. tmux is intended to be a simple, modern, BSD-licensed alternative to programs such as GNU Screen...

4.5CVSS5.9AI score0.00124EPSS
Exploits0
Snyk
Snyk
added 2026/07/02 10:18 p.m.4 views

Active Debug Code

Overview Affected versions of this package are vulnerable to Active Debug Code via improper handler registration on the shared http.DefaultServeMux. An attacker can gain unauthorized access to sensitive debug and metrics endpoints by sending crafted requests, potentially exposing process command...

7.7CVSS6AI score0.00266EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53254 Bluetooth: RFCOMM: validate skb length in MCC handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...

8.1CVSS5.9AI score0.00283EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/09 3:15 a.m.13 views

EUVD-2026-35297

A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...

4.5CVSS4.6AI score0.00124EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/27 8:13 p.m.46 views

CVE-2026-44713 pam_usb: Command injection via $TMUX environment variable leads to RCE as root

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell command passed to popen. Because the value is placed insi...

8.8CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 10:16 p.m.17 views

CVE-2026-44296

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.167, a remote, unauthenticated denial of service DoS vulnerability affects Deskflow servers running with TLS enabled the default. When any TCP peer connects to the listening port and its first bytes do not parse as a valid TLS...

7.5CVSS0.00279EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 8:52 p.m.31 views

CVE-2026-44296

Deskflow TLS multiplexer DoS (CVE-2026-44296): prior to 1.26.0.167, remote unauthenticated connections that fail TLS ClientHello cause SecureSocket::secureAccept to sleep for 1s on the multiplexer thread, stalling input delivery to all connected screens. A sustained stream of malformed handshakes...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/06 10:59 p.m.9 views

CVE-2026-43244

A flaw was found in the Linux kernel's Kernel Connection Multiplexer KCM module. A local user could trigger an issue where, during partial sendmsg operations, an empty network buffer skb is incorrectly left in the fraglist. A subsequent zero-length write operation can then cause a kernel warning,...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/06 11:27 a.m.5 views

CVE-2026-43155

In the Linux kernel, the following vulnerability has been resolved: mux: mmio: fix regmap leak on probe failure The mmio regmap that may be allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and ...

5.5CVSS5.7AI score0.00126EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.14 views

tsMuxer 安全漏洞

tsMuxer is a transport stream multiplexer developed by Dan’s individual developer, used for re-mixing/reusing basic streams. Versions of tsMuxer 2.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the function HevcVpsUnit::setFPS in the...

4.8CVSS5.8AI score0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-32314

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...

8.7CVSS5.8AI score0.00451EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:57 p.m.4 views

CVE-2026-22175

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS6AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2026/03/18 2:16 a.m.4 views

CVE-2026-22175

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS0.00333EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/18 1:34 a.m.2 views

CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS6AI score0.00333EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/18 1:34 a.m.3 views

CVE-2026-22175

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS6AI score0.00333EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/18 1:34 a.m.4 views

EUVD-2026-12718

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS6AI score0.00333EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/18 1:34 a.m.33 views

CVE-2026-22175 OpenClaw < 2026.2.23 - Exec Approval Bypass via Unrecognized Multiplexer Shell Wrappers

OpenClaw versions prior to 2026.2.23 contain an exec approval bypass vulnerability in allowlist mode where allow-always grants could be circumvented through unrecognized multiplexer shell wrappers like busybox and toybox sh -c commands. Attackers can exploit this by invoking arbitrary payloads...

7.1CVSS0.00333EPSS
Exploits0References3
CVE
CVE
added 2026/03/18 1:34 a.m.14 views

CVE-2026-22175

OpenClaw prior to 2026.2.23 is affected by an exec approval bypass in allowlist mode. Unrecognized multiplexer wrappers (e.g., busybox/toybox sh -c) can bypass allow-always restrictions, enabling invocation of arbitrary payloads under the same wrapper and bypassing execution restrictions. Affecte...

7.1CVSS6AI score0.00333EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder