Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: NetworkManager (UTSA-2026-016802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016802 advisory. A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configu...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A flaw was discovered in the Linux kernel. The existing KVM SEV API contains a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in an AMD CPU that supports Secure Encrypted Virtualization SEV...

Astra Linux - уязвимость в open-vm-tools

open-vm-tools contains a file descriptor hijacking vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

EUVD-2025-206343

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

CVE-2025-66735

youlai-boot V2.21.1 is vulnerable to Incorrect Access Control. The getRoleForm function in SysRoleController.java does not perform permission checks, which may allow non-root users to directly access root roles...

EUVD-2018-2962

Malware in sbrugna...

EUVD-2022-49219

Malicious code in bioql PyPI...

CVE-2025-1131

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

UBUNTU-CVE-2025-1131

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

PT-2025-39117

Name of the Vulnerable Software and Affected Versions Asterisk toolkit affected versions not specified Description A local privilege escalation issue exists in the safe asterisk script. When Asterisk starts using this script, it executes all .sh files in the /etc/asterisk/startup.d/ directory as...

CVE-2025-20292

CVE-2025-20292 is a Cisco NX-OS Software CLI vulnerability. An authenticated, local attacker can inject commands due to insufficient input validation in an affected CLI command. Successful exploitation could allow reading and writing files on the underlying OS with the privileges of a non-root us...

Linux Distros Unpatched Vulnerability : CVE-2021-20188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abuse...

CVE-2022-32268

StarWind SAN and NAS v0.2 build 1914 allow remote code execution. A flaw was found in REST API in StarWind Stack. REST command, which allows changing the hostname, doesn’t check a new hostname parameter. It goes directly to bash as part of a script. An attacker with non-root user access can injec...

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

Siemens SIMATIC Devices Linux Kernel Incomplete Cleanup (CVE-2022-0171)

A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root host user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization SEV. This plugin only works with...

SUSE CVE-2023-34059

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...

open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper

A flaw was found in open-vm-tools. This flaw allows a malicious actor with non-root privileges to hijack the /dev/uinput file descriptor, allowing them to simulate user inputs...