CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2026/04/22 6:31 p.m.•3 views

uutils coreutils has an Improper Preservation of Permissions issue

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::removedir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind wi...

4.4CVSS5.2AI score0.00018EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/04/22 4:9 p.m.•25 views

CVE-2026-35376 uutils coreutils chcon Security Bypass and Mandatory Access Control (MAC) Inconsistency via TOCTOU Race Condition

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via ftsaccpath rather than binding the traversal and label application to the specific directory...

4.5CVSS0.00013EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-41076)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41076 advisory. - In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in...

Redos•added 2026/01/12 12:0 a.m.•4 views

ROS-20260112-7351

A vulnerability in the nfs4setsecuritylabel function of the fs/nfs/nfs4proc.c module of the Linux operating system kernel is related to improper memory release before deleting the last link "memory leak". Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.5AI score0.00028EPSS

Exploits0

EUVD•added 2025/12/21 9:30 p.m.•2 views

EUVD-2025-204674

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1...

4.3CVSS6.3AI score0.00037EPSS

EUVD•added 2025/12/02 9:10 p.m.•3 views

EUVD-2025-200292

Apptainer ineffectively applies selinux and apparmor --security options...

4.5CVSS6.2AI score0.00016EPSS

Exploits0References7

OSV•added 2025/12/02 5:49 p.m.•2 views

CVE-2025-65105 Apptainer ineffective application of selinux and apparmor --security options

Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put restrictions on operations that containers...

4.5CVSS6.8AI score0.00016EPSS

Exploits0References8

RedHat Linux•added 2024/12/19 12:58 a.m.•1 views

kernel: nfsd: ensure that nfsd4_fattr_args.context is zeroed out

In the Linux kernel, the following vulnerability has been resolved: nfsd: ensure that nfsd4fattrargs.context is zeroed out If nfsd4encodefattr4 ends up doing a "goto out" before we get to checking for the security label, then args.context will be set to uninitialized junk on the stack, which we'l...

RedHat Linux•added 2024/09/24 2:39 a.m.•2 views

kernel: NFSv4: Fix memory leak in nfs4_set_security_label

A vulnerability was found in the nfs4setsecuritylabel in the Linux kernel, where the function fails to free the nfsfattr attribute before exiting, leaving said memory allocation present. As the nfs4setsecuritylabel is called repeatedly over time, this may lead to memory exhaustion...

RedHat Linux•added 2024/09/24 12:40 a.m.•1 views

kernel: NFSv4: Fix memory leak in nfs4_set_security_label

SUSE CVE•added 2024/09/14 2:51 a.m.•1 views

SUSE CVE-2024-46697

5.5CVSS7.6AI score0.00028EPSS

Exploits0References3

RedhatCVE•added 2024/09/13 3:13 p.m.•14 views

CVE-2024-46697

5.5CVSS7.3AI score0.00028EPSS

Exploits0References4

OSV•added 2024/09/13 6:15 a.m.•1 views

DEBIAN-CVE-2024-46697

5.5CVSS5.5AI score0.00028EPSS

Exploits0References1

Cvelist•added 2024/09/13 5:29 a.m.•25 views

CVE-2024-46695 selinux,smack: don't bypass permissions check in inode_setsecctx hook

In the Linux kernel, the following vulnerability has been resolved: selinux,smack: don't bypass permissions check in inodesetsecctx hook Marek Gresko reports that the root user on an NFS client is able to change the security labels on files on an NFS filesystem that is exported with root squashin...

0.00003EPSS

Exploits0References6

Microsoft CVE•added 2024/09/11 7:0 a.m.•1 views

NFSv4: Fix memory leak in nfs4_set_security_label

...

5.5CVSS7.3AI score0.00028EPSS

Exploits0

OSV•added 2024/09/03 7:15 p.m.•3 views

AZL-48519 CVE-2024-45310 affecting package buildah for versions less than 1.41.4-2

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

3.6CVSS7AI score0.0015EPSS

Exploits0References1

RedHat Linux•added 2024/09/03 3:48 p.m.•1 views

kernel: NFSv4: Fix memory leak in nfs4_set_security_label

RedHat Linux•added 2024/08/28 12:34 p.m.•2 views

kernel: NFSv4: Fix memory leak in nfs4_set_security_label