RHEL 9 : Satellite 6.19.1 Async Update (Moderate) (RHSA-2026:22326)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22326 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images a...

RHEL 10 : go-fdo-client and go-fdo-server (RHSA-2026:22141)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22141 advisory. This package provides a server-side implementation of the FIDO Device Onboard FDO specification, written in Go. FDO is an open standard fo...

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVE-2021-22301

Mate 30 10.0.0.203C00E201R7P2 have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow...

CVE-2022-31791

WatchGuard Firebox and XTM appliances allow a local attacker that has already obtained shell access to elevate their privileges and execute code with root permissions. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4...

EUVD-2018-19649

Malware in sbrugna...

EUVD-2020-29952

Malware in sbrugna...

EUVD-2016-1728

Malware in sbrugna...

EUVD-2021-23598

Malware in sbrugna...

EUVD-2024-33485

Malicious code in bioql PyPI...

EUVD-2023-34992

Malicious code in bioql PyPI...

EUVD-2021-9447

Malicious code in bioql PyPI...

EUVD-2021-9486

Malicious code in bioql PyPI...

Ensure That Scripts Writable by Low-Privilege Users Cannot Be Configured in the sudoers Configuration File

The sudo command enables a specified common user to execute certain programs with the root permission. The corresponding configuration file is /etc/sudoers. The administrator can configure rules to enable some scripts or binary files to run with the root permission. Therefore, only the root user...

CVE-2025-26412

The SIMCom SIM7600G modem supports an undocumented AT command, which allows an attacker to execute system commands with root permission on the modem. An attacker needs either physical access or remote shell access to a device that interacts directly with the modem via AT commands...

PT-2025-25199 · Simcom · Simcom Sim7600G

Name of the Vulnerable Software and Affected Versions: SIMCom SIM7600G modem affected versions not specified Description: The issue concerns an undocumented AT command in the SIMCom SIM7600G modem, allowing an attacker to execute system commands with root permission on the modem. This can be...

CVE-2023-49794

KernelSU is a Kernel-based root solution for Android devices. In versions 0.7.1 and prior, the logic of get apk path in KernelSU kernel module can be bypassed, which causes any malicious apk named me.weishu.kernelsu get root permission. If a KernelSU module installed device try to install any not...

CVE-2020-1826

Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175C00E59R2P11 have an information leak vulnerability. Due to a module using weak encryption tool, an attacker with the root permission may exploit the vulnerability to obtain some information...

CVE-2019-5288

P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R2P1 have an integer overflow vulnerability due to insufficient check on specific parameters. An attacker tricks the user into installing a malicious application, obtains the root permission and constructs specific parameters ...