320 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: parisc: Revised the gateway LWS calls to probe user read access. We use load and stbys,e instructions to trigger memory reference interruptions without writing to memory. Due to the way read access support is implemented, read...
CVE-2026-42181
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: parisc: Revise getuser to probe user read access Because of the way read access support is implemented, read access interruptions are only triggered at privilege levels 2 and 3. The kernel executes at privilege level 0, so getuse...
CVE-2026-41411
Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filena...
CVE-2026-28264
Dell PowerProtect Agent Service (versions prior to 20.1) is affected by an Incorrect Permission Assignment for Critical Resource vulnerability. A low-privileged attacker with local access could trigger information exposure. Affected component: Dell PowerProtect Agent Service. Root cause: incorrec...
CVE-2026-20114
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
PT-2026-22562
In MAE, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431940; Issue ID: MSV-5843...
CVE-2026-20037
A vulnerability in the NX-OS CLI privilege levels of Cisco UCS Manager Software could allow an authenticated, local attacker with read-only privileges to modify files and perform unauthorized actions on an affected system. This vulnerability exists because unnecessary privileges are given to the...
CVE-2021-41614
An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write access permissions to the Exception Program Counter Register EPCR are not implemented correctly. User programs from an unauthorized privilege level can make read/write accesses to EPCR...
CVE-2019-20025
Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privileg...
EUVD-2025-50785
A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET Supervisor-mode Exception Return instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode M-mode to Supervisor-mode S-mode as specified by...
EUVD-2020-3058
Malware in sbrugna...
EUVD-2021-14208
Malware in sbrugna...
EUVD-2020-24479
Malware in sbrugna...
EUVD-2018-0973
Malware in sbrugna...
EUVD-2009-3695
Malware in sbrugna...
EUVD-2007-4895
Malware in sbrugna...
EUVD-2017-15088
Malware in sbrugna...
EUVD-2021-6857
Malicious code in bioql PyPI...
EUVD-2024-16344
Malicious code in bioql PyPI...