Lucene search
K

49 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS5.5AI score0.00128EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:55 p.m.10 views

CVE-2026-48792

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusbhasvirtualinputdevice to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS5.8AI score0.00128EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.16 views

PT-2026-44091

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/evdev.c silently ignores EACCES errors when opening /dev/input/event nodes, causing pusb has virtual input device to return 0 no virtual devices found even when every open call failed due to...

4.4CVSS5.8AI score0.00128EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loo...

5.5CVSS5.9AI score0.00107EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 7:40 a.m.4 views

CVE-2026-43096 mshv: Fix infinite fault loop on permission-denied GPA intercepts

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshvhandlegpaintercept attempts to remap pages for all faults...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References5
CVE
CVE
added 2026/05/06 7:40 a.m.23 views

CVE-2026-43096

In the Linux kernel mshv component, CVE-2026-43096 patches an infinite fault loop caused by permission-denied GPA intercepts. The issue occurred when guest access to memory regions triggered remaps for all faults on movable regions, even if access type wasn’t permitted, causing a re-fault and vCP...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 7:40 a.m.5 views

CVE-2026-43096

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshvhandlegpaintercept attempts to remap pages for all faults...

5.5CVSS5.7AI score0.00107EPSS
Exploits0
Cvelist
Cvelist
added 2026/02/04 4:7 p.m.30 views

CVE-2026-23056 uacce: implement mremap in uacce_vm_ops to return -EPERM

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uaccevmops to return -EPERM The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly disab...

0.00177EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.6 views

Configure Audit Rules for File Access Failures

System calls, such as open, truncate, ftruncate, create and openat, are audited and monitored. If the -EACCES or -EPERM error is returned, you lack the permission to access the files. In this case, audit logs need to be recorded. File access failures due to a lack of proper permissions are common...

6.8AI score
Exploits0References2
Citrix
Citrix
added 2025/04/22 12:0 a.m.23 views

Unable to upload the master image on MCS machine catalog in GCP

Error when updating the catalog Action Name: MCUpdateMachineCatalog Exception: StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : UnknownError TaskStateInformation : Terminated ErrorId : ManagedMachineGeneralException Operation : PreparingMasterImage ErrorMessage : Err...

7.1AI score
Exploits0
Citrix
Citrix
added 2025/04/14 12:0 a.m.15 views

CVAD- 2308- Delete VM operation is showing access denied in the Web studio and same works in studio.

After the upgrade of the site from 2305 to 2308, the delegated users get a permissioned denied message when trying to delete a VM. Other operation from the web studio works fine. Same delete operation works fine in the desktop studio, but it shows access denied in the web studio. Under the CDF...

6.9AI score
Exploits0
FreeBSD
FreeBSD
added 2025/02/25 12:0 a.m.8 views

Navidrome -- Authentication bypass in Subsonic API

Deluan reports: In certain Subsonic API endpoints, authentication can be bypassed by using a non-existent username combined with an empty salted password hash. This allows read-only access to the server’s resources, though attempts at write operations fail with a “permission denied” error...

6.9CVSS7.7AI score0.00936EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.1323 views

SSH Username Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SSH Username Enumeration', 'Description' = %q This module uses a malformed packet or timing attack to enumerate users on an OpenSSH server. The...

5.9CVSS7.3AI score0.98631EPSS
Exploits41
Citrix
Citrix
added 2024/07/17 12:0 a.m.11 views

Unable to set DefaultReuseMachinesWithoutShutdownInOutage using PowerShell command

While runing the PowerShell command "Set-BrokerSite -DefaultReuseMachinesWithoutShutdownInOutage $true" in Citrix Virtual Apps and Desktops CVAD 2203 LTSR environment, the following error "A required feature is disabled by the system configuration" was shown...

7.2AI score
Exploits0
Citrix
Citrix
added 2024/05/08 12:0 a.m.10 views

PVS | StreamService cannot access vDisks after reboot

Intermittent problems with the StreamService of the PVS servers. Infrequently, when the PVS server boots, the StreamService is unable to access the vDisks. The event logs show the error message "Login failed error code: 2 for device : Server : vDisk file access permission denied". Two short-term...

7.2AI score
Exploits0
Atlassian
Atlassian
added 2023/10/06 9:45 a.m.19 views

Scripts failing intermittently due to permissions denied (401) exception while using PAT

h3. Issue Summary This is reproducible on the Data Center: Yes h3. Steps to Reproduce Create two Jira users: UserA and UserB and two Projects: ProjectA and ProjectB. Restrict access to ProjectA for UserA, and ProjectB for UserB. Create one issue each on ProjectA and ProjectB. Use the below python...

7.4AI score
Exploits0
Veeam
Veeam
added 2022/12/14 12:0 a.m.31 views

Adding Linux Server Without Elevation: "Installing Installer service Error"

Challenge When adding a Linux Server to Veeam Backup & Replication using a non-root account and not enabling the "Elevate account privileges automatically" option, the following error is shown: RPM-based Linux distributions Installing Installer service Error: Error: error: can't create transactio...

6.3AI score
Exploits0Affected Software1
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.351 views

ManageEngine ADSelfService Plus 6.1 - User Enumeration

Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...

7.4AI score
Exploits0
wpexploit
wpexploit
added 2022/03/14 12:0 a.m.106 views

Dropdown Menu Widget <= 1.9.7 - Subscriber+ Arbitrary Settings Update to Stored XSS

The plugin does not have authorisation and CSRF checks when saving its settings, allowing low privilege users such as subscriber to update them. Due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site Scripting issues Open the following URL as a subscriber:...

5.4CVSS0.3AI score0.00595EPSS
Exploits2
OSV
OSV
added 2022/02/01 8:3 p.m.8 views

ALBA-2022:0347 resource-agents bug fix and enhancement update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Bug Fixes and Enhancements: gcp-vpc-move-vip, gcp-vpc-move-route, gcp-pd-move: A failed...

7AI score
Exploits0
Rows per page
Query Builder