25040 matches found
ROOT-OS-DEBIAN-11-CVE-2025-23141 CVE-2025-23141 in rootio-linux - Patched by Root
Root has patched CVE-2025-23141 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-41935 CVE-2024-41935 in rootio-linux - Patched by Root
Root has patched CVE-2024-41935 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2021-47036 CVE-2021-47036 in rootio-linux - Patched by Root
Root has patched CVE-2021-47036 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-39847 CVE-2025-39847 in rootio-linux - Patched by Root
Root has patched CVE-2025-39847 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
GHSA-H67P-54HQ-RP68 vulnerabilities
Vulnerabilities for packages: vitess, code-server...
CVE-2026-0152
In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2026-10748
An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user in Sonatype Nexus Repository 3 versions before 3.92.0...
CVE-2026-12012 vulnerabilities
Vulnerabilities for packages: chromium...
ROOT-OS-DEBIAN-13-CVE-2026-48959 CVE-2026-48959 in rootio-perl - Patched by Root
Root has patched CVE-2026-48959 in the rootio-perl package for Root:Debian:13. Multiple fixed versions available...
postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind
A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...
ROOT-OS-DEBIAN-12-CVE-2026-34380 CVE-2026-34380 in rootio-openexr - Patched by Root
Root has patched CVE-2026-34380 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-41142 CVE-2026-41142 in rootio-openexr - Patched by Root
Root has patched CVE-2026-41142 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...
CVE-2026-1764
A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...
EUVD-2026-36772
An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input...
ROOT-OS-DEBIAN-12-CVE-2026-1502 CVE-2026-1502 in rootio-python3.11 - Patched by Root
Root has patched CVE-2026-1502 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-3644 CVE-2026-3644 in rootio-python3.11 - Patched by Root
Root has patched CVE-2026-3644 in the rootio-python3.11 package for Root:Debian:12. Multiple fixed versions available...
EUVD-2026-36730
Fortra's Core Privileged Access Manager BoKS contains an OS command injection vulnerability in the boksautoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing...
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten...
Malicious code in unicocheck-ios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bafc91c569cf42c5f1ff68531a8d5238919f595368ffa90b7d4e5bcc74fe9788 package.json declares a preinstall lifecycle script that runs curl against https://webhook.site/fe1246c2-ac04-4493-b223-fe34ba26b79f with query...
ROOT-OS-UBUNTU-2204-CVE-2025-68308 CVE-2025-68308 in rootio-linux - Patched by Root
Root has patched CVE-2025-68308 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...