5355 matches found
CVE-2026-7374
A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
PT-2026-43242
Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw in the virt-handler component allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados
dyld-signing-oracle-poc A controlled exploration of dyld's pa...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.42 security and extras update
Red Hat OpenShift Container Platform release 4.18.42 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vfio: Split migration operations from main device operations The vfio core checks whether the driver sets certain migration operations e.g., setstate/getstate, and accordingly calls those operations. However, currently, the ml...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/fb-helper: Fixed out-of-bounds access issues The memory range was clipped to the size of the screen buffer to avoid out-of-bounds access during the damage handling in fbdev’s deferred I/O operations. fbdev’s deferred I/O c...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “f2fs: block cache/dio write during f2fsenablecheckpoint”. This revert commits 196c81fdd438f7ac429d5639090a9816abb9760a. The original patch might cause a deadlock; revert it. write remount - writebegin - lockpage --- lock ...
Astra Linux – Vulnerability in exim4
Exim 4 before 4.94.2 allowed execution with unnecessary privileges. The -oP option is available to the exim user, and it could lead to a denial of service, as files owned by root could be overwritten...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/fbdev-dma: Added shadow buffering for deferred I/O. DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it a...
Astra Linux – Vulnerability in exuberant-ctags
A flaw was discovered in Exuberant Ctags regarding its handling of the "-o" option. This option specifies the tag filename. A specially crafted tag filename, specified either in the command line or in the configuration file, can lead to arbitrary command execution. This occurs because the...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
CVE-2026-22069
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-22069
...
CVE-2026-22069
...
EUVD-2026-30825
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface...
CVE-2026-22069
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-22069
OPPO O+ Connect contains a local privilege escalation vulnerability due to failure to validate the caller’s identity on the pipe interface. Root cause: improper caller authentication on the inter-process pipe. Affected component: O+ Connect (local privilege escalation). Exploitation details are n...
OPPO O+ Connect 安全漏洞
OPPO O+ Connect is a multi-device connectivity and data collaboration platform developed by OPPO Corporation in China. There is a security vulnerability in OPPO O+ Connect, which stems from the failure to verify the identity of the caller on the pipeline interface, potentially leading to an...