678 matches found
CVE-2026-5713
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
CVE-2026-5713
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
UBUNTU-CVE-2026-5713
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
CVE-2026-5713
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...
PSF-2026-19
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
Linux Distros Unpatched Vulnerability : CVE-2026-5713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The profiling.sampling module Python 3.15+ and asyncio introspection capabilities 3.14+, python -m asyncio ps and python -m asyncio pstree features could be use...
PT-2026-32696
Name of the Vulnerable Software and Affected Versions CPython versions 3.14 and later Description The profiling.sampling module and asyncio introspection capabilities, specifically the 'python -m asyncio ps' and 'python -m asyncio pstree' commands, allow for out-of-bounds read and write operation...
IDrive 安全漏洞
IDrive is a cloud backup and cloud storage service solution provided by the American company IDrive. There is a security vulnerability in IDrive, which stems from the idservice.exe process using privileged access to read files. This vulnerability could allow attackers to specify any executable pa...
EUVD-2026-12910
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...
CVE-2026-23268
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened...
CVE-2025-32453
Incorrect default permissions for some IntelR Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...
CVE-2026-26225
Intego Personal Backup on macOS is affected by a local privilege escalation due to processing of crafted serialized task files. Task definitions are stored in a location writable by non-privileged users, but are processed with elevated privileges, allowing an attacker to perform arbitrary file wr...
PT-2026-7307
Name of the Vulnerable Software and Affected Versions IntelR Graphics Driver affected versions not specified Description A configuration issue with default permissions within some IntelR Graphics Driver software operating in Ring 2—a privileged process—could allow an escalation of privilege. An...
CVE-2025-41728
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41728
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
CVE-2025-41728 Beckhoff: Information leak via Beckhoff Device Manager
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
PT-2026-4911
A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003957)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003957 advisory. A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while...