327 matches found
GHSA-H9Q6-HC68-35RP vulnerabilities
Vulnerabilities for packages: flyte...
UBUNTU-CVE-2026-43490
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...
CVE-2026-43490
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...
Unity Linux 20.1060e / 20.1070e Security Update: samba (UTSA-2026-017656)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017656 advisory. A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that...
CVE-2026-43350
In the Linux kernel, a vulnerability in the SMB client path can allow a malicious server to exploit an ACE with sid_unix_NFS_mode by providing an ACE with only two subauthorities. parse_dacl() would treat this as an NFS mode SID and read sub_auth[2], potentially reading four bytes past the end of...
CVE-2026-43350
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
PT-2026-39001
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB client where the parse dacl function incorrectly handles Access Control Entry ACE SIDs. The function treats an ACE SID matching sid unix NFS mode as an NFS mode...
BELL-CVE-2026-43164 CVE-2026-43164 does not affect BellSoft software
Bulletin has no description...
CVE-2026-6210
creationtimestamp| type| source ---|---|--- 2026-05-06 13:44:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml6tj2dlhc2r...
CVE-2026-31611
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require 3 sub-authorities before reading subauth2 parsedacl compares each ACE SID against sidunixNFSmode and on match reads sid.subauth2 as the file mode. If sidunixNFSmode is the prefix S-1-5-88-3 with numsubauth = 2 then...
GHSA-3MCX-6WXM-QR8V
creationtimestamp| type| source ---|---|--- 2026-04-10 21:24:33+00:00| seen| Telegram/EoubZoYE34cwfOKYIK3rDqJUepVUHxboU2AFga2-YHkJtiw...
GHSA-FMWV-62WF-2HGX
creationtimestamp| type| source ---|---|--- 2026-04-06 23:22:09+00:00| seen| Telegram/m01DCzKFy5kAtT9sjIWhyEARPkz65AkyqWTYGgzfJ1E6g...
GHSA-3JR7-6HQP-X679
creationtimestamp| type| source ---|---|--- 2026-04-04 01:18:11+00:00| seen| Telegram/NqFWwBgJewLI29Tb0q1DIosuMN7rhj0bJY4LtsK35hxc...
GHSA-FVVP-RJ8G-C7GC
creationtimestamp| type| source ---|---|--- 2026-04-02 22:22:50+00:00| seen| Telegram/8YijTp8Bkg1BgPYn1xfGtyu-IfZ2h3UIXQPTCviuLwYJAlo...
MINI-PG3R-G76V-C47G
Bulletin has no description...
CVE-2026-27180
creationtimestamp| type| source ---|---|--- 2026-02-18 21:30:16+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mf5zmgksbs2n 2026-02-18 21:30:18+00:00| seen| https://infosec.exchange/users/offseq/statuses/116093761184172626 2026-02-18 22:18:34+00:00| seen|...
π Microsoft Windows 11 build 10.0.27898.1000 Local Privilege Escalation
Proof of concept exploit designed to test a potential local privilege escalation vulnerability in Windows, specifically targeting a feature called AiRegistrySync. It checks if modifications made by a standard user in their own Registry profile can be automatically synchronized propagated into the...
EUVD-2026-4309
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...
EUVD-2026-4244
Authorization Bypass Through User-Controlled Key vulnerability in XLPlugins NextMove Lite woo-thank-you-page-nextmove-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NextMove Lite: from n/a through = 2.23.0...
EUVD-2026-3980
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AivahThemes Anona anona allows Path Traversal.This issue affects Anona: from n/a through = 8.0...