
31 matches found

OSV
added 2026/05/04 7:16 p.m., 1 views

DEBIAN-CVE-2026-42154

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint /api/v1/read does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a sma...

7.5 CVSS, 5.8 AI score, 0.0002 EPSS
Exploits 0, References 1
Cvelist
added 2026/04/28 6:10 p.m., 23 views

CVE-2026-42429 OpenClaw < 2026.4.8 - Privilege Escalation via Gateway Plugin HTTP Authentication

OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that escalates identity-bearing operator.read requests to runtime operator.write permissions. Attackers can exploit this by sending read-scoped requests through the gateway...

7.1 CVSS, 0.00065 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/04/28 6:10 p.m., 1 views

CVE-2026-42429 OpenClaw < 2026.4.8 - Privilege Escalation via Gateway Plugin HTTP Authentication

OpenClaw before 2026.4.8 contains a privilege escalation vulnerability in the gateway plugin HTTP authentication mechanism that escalates identity-bearing operator.read requests to runtime operator.write permissions. Attackers can exploit this by sending read-scoped requests through the gateway...

7.1 CVSS, 5.8 AI score, 0.00065 EPSS
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2016-2527

Malware in sbrugna...

6.8 CVSS, 6.6 AI score, 0.00454 EPSS
Exploits 0, References 3
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-42914

Malicious code in bioql PyPI...

7.5 CVSS, 7.4 AI score, 0.00056 EPSS
Exploits 0, References 3
Redos
added 2025/09/24 12:0 a.m., 4 views

ROS-20250924-09

The sftp_decode_channel_data_to_packet function of the libssh library has a vulnerability related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. Vulnerability in libssh library's ssh_get_fingerprint_hash function is...

8.8 CVSS, 8.1 AI score, 0.01231 EPSS
Exploits 0
NVD
added 2025/09/10 6:15 p.m., 1 views

CVE-2025-50892

The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRP_MJ_READ/IRP_MJ_WRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...

7.8 CVSS, 0.00028 EPSS
Exploits 0, References 2
Tenable Nessus
added 2025/03/05 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-39179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied dat...

7.5 CVSS, 7.1 AI score, 0.00056 EPSS
Exploits 0, References 2
RedHat Linux
added 2024/12/04 12:56 a.m., 1 views

kernel: USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

5.5 CVSS, 6.4 AI score, 0.00032 EPSS
Exploits 0, References 5
RedHat Linux
added 2024/11/26 12:55 a.m., 2 views

kernel: USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

5.5 CVSS, 6.4 AI score, 0.00032 EPSS
Exploits 0, References 5
OSV
added 2024/11/18 10:15 a.m., 16 views

CVE-2023-39179

A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

7.5 CVSS, 6.2 AI score, 0.00056 EPSS
Exploits 0, References 4
RedhatCVE
added 2024/11/15 5:21 p.m., 8 views

CVE-2023-39179

A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on...

7.5 CVSS, 5.8 AI score, 0.00056 EPSS
Exploits 0, References 4
RedHat Linux
added 2024/11/05 12:54 a.m., 2 views

kernel: USB: serial: mos7840: fix crash on resume

In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume Since commit c49cfa917025 "USB: serial: use generic method if no alternative is provided in usb serial layer", USB serial core calls the generic resume implementation when the driver has...

5.5 CVSS, 6.4 AI score, 0.00032 EPSS
Exploits 0, References 5
RedHat Linux
added 2024/08/13 3:9 p.m., 4 views

kernel: NFSD: Fix the behavior of READ near OFFSET_MAX

A vulnerability was found in the Linux kernel's NFSD, where improper handling of read requests near the maximum offset can lead to an integer overflow. When a client attempts to read from a near-maximum offset, it causes the server to return an invalid NFS error, resulting in indefinite retries b...

7.1 CVSS, 7.4 AI score, 0.00013 EPSS
Exploits 0, References 5
OSV
added 2024/07/29 3:15 p.m., 0 views

UBUNTU-CVE-2024-41075

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...

5.5 CVSS, 6.6 AI score, 0.00033 EPSS
Exploits 0, References 17
Vulnrichment
added 2024/07/29 2:57 p.m., 25 views

CVE-2024-41075 cachefiles: add consistency check for copen/cread

In the Linux kernel, the following vulnerability has been resolved: cachefiles: add consistency check for copen/cread This prevents malicious processes from completing random copen/cread requests and crashing the system. Added checks are listed below: Generic, copen can only complete open request...

6.7 AI score, 0.00033 EPSS
Exploits 0, References 4
CNNVD
added 2024/07/29 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from a malicious process that could complete random copen/cread requests and cause a system crash...

5.5 CVSS, 6.5 AI score, 0.00033 EPSS
Exploits 0, References 5
Debian CVE
added 2024/05/21 2:20 p.m., 24 views

CVE-2021-47275

In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper location from the internal B+ tree is matched for a cache miss range, function cached_dev_cache_miss will b...

5.5 CVSS, 6.6 AI score, 0.00017 EPSS
Exploits 0
CNNVD
added 2024/05/21 12:0 a.m., 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing excessive read requests in the cache...

5.5 CVSS, 6.3 AI score, 0.00017 EPSS
Exploits 0, References 3
OSV
added 2023/03/09 10:15 p.m., 0 views

UBUNTU-CVE-2023-1072

An issue has been discovered in GitLab affecting all versions starting from 9.0 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. It was possible to trigger a resource depletion attack due to improper filtering for number of requests to...

5.3 CVSS, 6 AI score, 0.00363 EPSS
Exploits 0, References 4