Lucene search
K

15 matches found

CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53200

The CVE refers to the Linux kernel KVM on ARM64 where the XN bit handling was broken when FEAT_XNX is not enabled. Specifically, a FIELD_PREP() mask used to clear XN[0] manipulated the wrong bit, unconditionally granting execute permissions. The issue is resolved by correcting the bit manipulatio...

8.8CVSS5.8AI score0.00129EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 1:54 p.m.11 views

Pi Agent: Race condition in Pi auth.json writes could expose stored credentials

Pi auth.json writes could briefly expose stored credentials to local users Pi stored API keys and OAuth credentials in auth.json. A race condition in the file write path could briefly create or rewrite this file with permissions derived from the process umask before tightening the file to...

2.2CVSS5.5AI score0.00074EPSS
Exploits0References4Affected Software2
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: ovl: fix null pointer dereference in ovl_permission()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlpermission Following process: P1 P2 pathlookupat linkpathwalk inodepermission ovlpermission ovlipathrealinode, &realpath path-dentry = ovlidentryupperinode dropcache dentrykillovldentry...

5.5CVSS6.8AI score0.00133EPSS
Exploits0References5
Amazon
Amazon
added 2025/04/29 12:0 a.m.9 views

Important: kernel-livepatch-4.14.355-275.603

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfsbtreecheckdelete CVE-2024-47757 In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse the buffer of the extents path CVE-2024-49882 In t...

7.8CVSS6.8AI score0.00352EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/09/09 5:20 p.m.64 views

CVE-2022-36109

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

6.3CVSS5.4AI score0.00837EPSS
Exploits0
Snyk
Snyk
added 2022/06/16 2:26 p.m.2 views

Insecure Permissions

Overview Affected versions of this package are vulnerable to Insecure Permissions due to the gem file containing world-writeable files. This means everyone who is not the owner Group and Public with access to the instance where this release had been installed could modify the world-writable files...

3.3CVSS6.8AI score0.00251EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2021/06/14 12:0 a.m.85 views

container-tools:ol8 security update

buildah 1.19.7-2.0.1 - Fixes troubles with oracle registry login Orabug: 29937283 1.19.7-2 - revert changes to the state of 3.0-8.4.0 - Related: 1954702 conmon 2:2.0.26-3 - fix 'Permission on /dev/null are changing from 666 to 777 after running podman as root rhel-8.4.0.z' - Resolves: 1961682...

8.5CVSS0.7AI score0.06604EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2016:1351-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3.3CVSS4.3AI score0.0036EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2020/09/30 12:0 a.m.51 views

openSUSE Security Update : roundcubemail (openSUSE-2020-1516)

This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...

9.8CVSS7.8AI score0.84456EPSS
Exploits4References14
OSV
OSV
added 2020/02/21 4:35 p.m.11 views

SUSE-SU-2020:0434-1 Security update for pdsh, slurm_18_08

This update for pdsh, slurm1808 fixes the following issues: Slurm was included in the 18.08 release, as 'slurm1808' package. The version 18.08.9 contains all recent security fixes, including: - CVE-2019-19728: Fixed a privilege escalation with srun, where --uid might have unintended side effects...

9.8CVSS7.6AI score0.0268EPSS
Exploits0References19
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/04 6:25 p.m.59 views

Security update for otrs (moderate)

This update for otrs to version 4.0.32 fixes the following issues: These security issues were fixed: - CVE-2018-16586: An attacker could have sent a malicious email to an OTRS system. If a logged in user opens it, the email could have caused the browser to load external image or CSS resources...

4.4AI score0.019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.43 views

Fedora 27 : community-mysql (2017-9e28c78e07)

A quarter year regular dose of fixed CVE's. https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html . rhbz1497694 : Fix owner and perms on log file in post script CVE fixes: rhbz1503701 CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-102...

7.5CVSS6.4AI score0.04291EPSS
Exploits0References13
OSV
OSV
added 2017/07/03 3:17 p.m.8 views

SUSE-SU-2017:1763-1 Security update for clamav

This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 Non security issue fixed: - Fix permissions of /var/spool/amavis. bsc815106...

10CVSS9.5AI score0.10027EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.12 views

Mandriva Linux Security Advisory : setup (MDVSA-2015:184)

Updated setup package fixes security vulnerability : An issue has been identified in Mandriva Business Server 2's setup package where the /etc/shadow and /etc/gshadow files containing password hashes were created with incorrect permissions, making them world-readable mga14516. This update fixes...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.20 views

Oracle Linux 5 : bind (ELSA-2012-1267)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1267 advisory. 30:9.3.6-20.P1.4 - bind-chroot-admin: set correct permissions on /etc/named.conf during update 30:9.3.6-20.P1.3 - fix CVE-2012-4244 Tenable has extracted the...

7.8CVSS6.8AI score0.36798EPSS
Exploits0References2
Rows per page
Query Builder