VulnCheck KEV: CVE-2009-3547

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...

Exploit for Improper Initialization in Linux Linux_Kernel

markdown Chrono-Drip: Temporal Viscosity Exploitation Frame...

EUVD-2025-206578

Chef InSpec up to version 5.23 creates named pipes with overly permissive default Windows access controls. A local attacker may interfere with the pipe connection process and exploit the insufficient access restrictions to assume the InSpec execution context, potentially resulting in elevated...

CVE-2026-1680

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

CVE-2026-1680

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

CVE-2026-1680 Local Privilege Escalation in Local Admin Service

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

CVE-2026-1680

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

EUVD-2026-5045

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

CVE-2026-1680 Local Privilege Escalation in Local Admin Service

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

CVE-2026-1680

CVE-2026-1680 affects Edgemo (now Danoffice IT) Local Admin Service 1.2.7.23180 on Windows. The issue is an improper access control in the WCF endpoint, enabling a local user to escalate privileges to local administrator by directly communicating with the LocalAdminService.exe named pipe, bypassi...

PT-2026-5382

Improper access control in the WCF endpoint in Edgemo now owned by Danoffice IT Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group...

Danoffice IT Edgemo Local Admin Service has security vulnerabilities

Danoffice IT Edgemo Local Admin Service is a local administrator permission management tool provided by the Danish company Danoffice IT. Version 1.2.7.23180 of Danoffice IT Edgemo Local Admin Service contains a security vulnerability. This vulnerability stems from improper access control of WCF...

PT-2026-5405

Name of the Vulnerable Software and Affected Versions AWStats version 8.0 Description AWStats version 8.0 contains a command injection issue due to an unsafe use of the open function in Perl when processing HTTP GET parameters. Specifically, the presence of a pipe symbol '|' within a parameter ca...

Exploit for Improper Initialization in Linux Linux_Kernel

Naive detector and reproducer of CVE-2022-0847 dirty pipe. Use...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004839)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004839 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fix global state lock backoff We need to grab the lock after the early return for...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper tracking of device references in pipe network devices using DSA. This can lead to...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21735)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21735 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Add bounds checking in...

MiracleLinux 9 : ghostscript-9.54.0-10.el9 (AXSA:2023-6481:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6481:03 advisory. ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices CVE-2023-36664 Tenable has extracted the preceding...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001572 advisory. A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001191 advisory. Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized...