
13 matches found

NVD
added 2026/06/24 8:16 a.m., 8 views

CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

8.3 CVSS, 0.00299 EPSS
Exploits: 0, References: 8

OSV
added 2026/06/24 8:16 a.m., 2 views

UBUNTU-CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

8.3 CVSS, 5.6 AI score, 0.00299 EPSS
Exploits: 0, References: 11

CVE
added 2026/06/24 7:14 a.m., 6 views

CVE-2026-52920

CVE-2026-52920 involves the Linux kernel netfilter xt_policy module, where strict inbound policy matching previously consumed info->pol[] in an incorrect order when multiple transforms were applied. Root cause: match_policy_in() iterates sec_path entries from last to first, violating the f...

8.3 CVSS, 5.7 AI score, 0.00299 EPSS
Exploits: 0, References: 8

EUVD
added 2026/06/24 7:14 a.m., 8 views

EUVD-2026-38723

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

5.7 AI score, 0.00299 EPSS
Exploits: 0, References: 8

ATTACKERKB
added 2026/06/24 7:14 a.m., 7 views

CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

5.7 AI score, 0.00299 EPSS
Exploits: 0, References: 9, Affected Software: 1

Cvelist
added 2026/06/24 7:14 a.m., 27 views

CVE-2026-52920 netfilter: xt_policy: fix strict mode inbound policy matching

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

8.3 CVSS, 0.00299 EPSS
Exploits: 0, References: 8

Debian CVE
added 2026/06/24 7:14 a.m., 4 views

CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy matching needs to consume info->pol[] in the same forward order as the rule...

8.3 CVSS, 5.7 AI score, 0.00299 EPSS
Exploits: 0

Positive Technologies
added 2026/06/24 12:0 a.m., 10 views

PT-2026-51713

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the netfilter module where the match_policy_in function processes sec_path entries in reverse order, from the last transform to the first. For strict policy matching,...

8.3 CVSS, 5.7 AI score, 0.00299 EPSS
Exploits: 0, References: 12

Tenable Nessus
added 2026/06/24 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - netfilter: xt_policy: fix strict mode inbound policy matching. match_policy_in() walks sec_path entries from the last transform to the first one, but strict policy...

8.3 CVSS, 5.8 AI score, 0.00299 EPSS
Exploits: 0, References: 4

Github Security Blog
added 2026/03/03 11:12 p.m., 11 views

OpenClaw's typed sender-key matching for toolsBySender prevents identity-collision policy bypass

Summary: channels..groups..toolsBySender could match a privileged sender policy using a colliding mutable identity value (for example senderName or senderUsername) when deployments used untyped keys. The fix introduces explicit typed sender keys (id:, e164:, username:, name:), keeps legacy untyped key...

6.5 CVSS, 5.9 AI score, 0.0019 EPSS
Exploits: 0, References: 5, Affected Software: 1

Slackware Linux
added 2023/11/07 8:3 p.m., 57 views

[slackware-security] sudo

New sudo packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sudo-1.9.15-i586-1slack15.0.txz: Upgraded. The sudoers plugin has been modified to make it more resilient to ROWHAMME...

8.1 CVSS, 6.8 AI score, 0.00571 EPSS
Exploits: 1

Tenable Nessus
added 2022/08/02 12:0 a.m., 65 views

GLSA-202207-01 : HashiCorp Vault: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202207-01 HashiCorp Vault: Multiple Vulnerabilities - HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7. CVE-2020-25594 - HashiCorp...

8.8 CVSS, 6.1 AI score, 0.01407 EPSS
Exploits: 0, References: 22

Tenable Nessus
added 2018/11/02 12:0 a.m., 19 views

F5 Networks BIG-IP : F5 BIG-IP TMM vulnerability (K31404801)

In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization. CVE-2017-6169. Impact: An attacker may be able to...

6.8 CVSS, 6.6 AI score, 0.01448 EPSS
Exploits: 0, References: 2