Lucene search
K

678 matches found

NVD
NVD
added 2026/04/14 4:16 p.m.6 views

CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS0.00132EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/14 4:16 p.m.14 views

CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.8AI score0.00132EPSS
Exploits0References5
OSV
OSV
added 2026/04/14 4:16 p.m.9 views

UBUNTU-CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.8AI score0.00132EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/14 3:11 p.m.6 views

CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.3AI score0.00132EPSS
Exploits0
Snyk
Snyk
added 2026/04/14 3:11 p.m.5 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...

6CVSS6AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 3:11 p.m.12 views

PSF-2026-19

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.8AI score0.00132EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/14 3:11 p.m.3 views

CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.8AI score0.00132EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-5713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The profiling.sampling module Python 3.15+ and asyncio introspection capabilities 3.14+, python -m asyncio ps and python -m asyncio pstree features could be use...

5.3CVSS5.9AI score0.00132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.6 views

PT-2026-32696

Name of the Vulnerable Software and Affected Versions CPython versions 3.14 and later Description The profiling.sampling module and asyncio introspection capabilities, specifically the 'python -m asyncio ps' and 'python -m asyncio pstree' commands, allow for out-of-bounds read and write operation...

5.7CVSS5.8AI score0.00202EPSS
Exploits0References97
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.13 views

IDrive 安全漏洞

IDrive is a cloud backup and cloud storage service solution provided by the American company IDrive. There is a security vulnerability in IDrive, which stems from the idservice.exe process using privileged access to read files. This vulnerability could allow attackers to specify any executable pa...

7.8CVSS7.5AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/18 6:31 p.m.5 views

EUVD-2026-12910

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...

5.7AI score0.00134EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:54 p.m.3 views

CVE-2026-23268

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...

7.8CVSS5.7AI score0.00134EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/16 7:30 p.m.7 views

CVE-2025-32453

Incorrect default permissions for some IntelR Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...

6.7CVSS5.4AI score0.00109EPSS
Exploits0References1
CVE
CVE
added 2026/02/12 9:57 p.m.10 views

CVE-2026-26225

Intego Personal Backup on macOS is affected by a local privilege escalation due to processing of crafted serialized task files. Task definitions are stored in a location writable by non-privileged users, but are processed with elevated privileges, allowing an attacker to perform arbitrary file wr...

8.5CVSS5.7AI score0.00181EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.7 views

PT-2026-7307

Name of the Vulnerable Software and Affected Versions IntelR Graphics Driver affected versions not specified Description A configuration issue with default permissions within some IntelR Graphics Driver software operating in Ring 2—a privileged process—could allow an escalation of privilege. An...

6.7CVSS5.4AI score0.00109EPSS
Exploits0References3
NVD
NVD
added 2026/01/27 12:15 p.m.9 views

CVE-2025-41728

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

5.3CVSS0.00309EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 11:37 a.m.5 views

CVE-2025-41728

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 11:37 a.m.6 views

CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.9 views

PT-2026-4911

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003957 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...

4.5CVSS6.5AI score0.00225EPSS
Exploits0References3
Rows per page
Query Builder