2011 matches found
CVE-2026-35025
ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...
EUVD-2026-38726
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed an error in ip6routenetexitlate During the initialization of ip6routenetinitlate, if the files ipv6route or rt6stats fail to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: Do not read mapcount for migration entries The syzbot reported the following bug: Kernel bug at include/linux/page-flags.h: 785 Invalid opcode: 0000 1 PREEMPT SMP KASAN CPU: 1; PID: 4392; Comm: syz-executor560...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proccpusetshow A UAF can occur when reading /proc/cpuset, as reported in 1. This issue can be reproduced using the following methods: 1. Add an mdelay1000 before acquiring the cgrouplock in the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: added input size checking in procwritesimdisk A malicious user could potentially enter an arbitrarily bad value into memdupusernul, which might cause the kernel to crash. This follows the same pattern as the patc...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a use-after-free bug in cifsdebugdataprocShow Skipped SMB sessions that are being terminated e.g., @ses-sesstatus == SESEXITING in cifsdebugdataProcShow to avoid use-after-free issues with @ses. This fix...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “smack”: fixed a bug where an unprivileged task could create labels. If an unprivileged task is allowed to relabel itself "/smack/relabel-self is not empty", it can freely create new labels by writing their names into its own...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the proc subsystem, the same handling is used for checking proclseek as for procreaditer and others. Directly checking pde-procops-proclseek may lead to a Use-After-Value UAF in the rmmod scenario. This issue arises from a fla...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: sysctl: Always initialize iuid/igid. iuid/igid is always initialized within the sysfs core, so setownership can safely skip setting them. The commit 5ec27ec735ba from “fs/proc/procsysctl.c: fix the default values of iuid/igid on...
Astra Linux – Vulnerability in xorg-server
A use-after-free vulnerability was discovered in the ProcRenderAddGlyphs function of Xorg servers. This issue arises when the AllocateGlyph function is called to store new glyphs sent by the client to the X server. As a result, multiple entries may point to the same non-refcounted glyphs...
UBUNTU-CVE-2026-48617
A flaw in Node.js Permission Model enforcement allows Bypass via process.report.writeReport Path Misvalidation. This can lead to confidentiality impact or bypass of the intended security boundary under affected configurations. This vulnerability affects all supported release lines: Node.js 22,...
Siemens RUGGEDCOM RST2428P Permissive Regular Expression (CVE-2025-40271)
"In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...
Exploit for CVE-2026-46394
CVE-2026-46394 - HAXcms Git.php OS Command Injection CWE-78...
proc-macro-error2 is unmaintained
The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...
RUSTSEC-2026-0173 proc-macro-error2 is unmaintained
The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...
SUSE CVE-2025-22242
Worker process denial of service through file read operation. .A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerabilities by...
CVE-2026-7711
A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...
Securing CI/CD in an agentic world: Claude Code Github action case
Microsoft Threat Intelligence discovered that Anthropic's Claude Code GitHub Action could expose CI/CD workflow secrets when AI agents process untrusted GitHub content, including issue bodies, pull request descriptions, and comments. We found that while Claude Code Action supported environment...
kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
In the Linux kernel, the following vulnerability has been resolved: proc: use the same treatment to check proclseek as ones for procreaditer et.al Check pde-procops-proclseek directly may cause UAF in rmmod scenario. It's a gap in procregopen after commit 654b33ada4ab"proc: fix UAF in...