Lucene search
K

8 matches found

EUVD
EUVD
added 6 days ago7 views

EUVD-2026-25004

mknod: Device nodes created mislabeled on SELinux, with broken cleanup removedir on a node...

4.4CVSS5.9AI score0.00142EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/22 6:31 p.m.7 views

EUVD-2026-25028

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via ftsaccpath rather than binding the traversal and label application to the specific directory...

4.5CVSS5.8AI score0.00088EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 6:31 p.m.6 views

GHSA-79RC-QPW3-JV92 Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references. Original Description The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before...

3.4CVSS5.9AI score0.00142EPSS
Exploits1References5
CVE
CVE
added 2026/04/22 4:8 p.m.15 views

CVE-2026-35361

The CVE-2026-35361 issue affects the mknod utility in uutils coreutils. It describes non-atomic handling of security labels for created device nodes: mknod creates the nodes before applying the SELinux context, and on labeling failure attempts cleanup via std::fs::remove_dir, which cannot remove ...

4.4CVSS5.8AI score0.00142EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/05/10 11:7 a.m.3 views

OESA-2024-1556 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...

9.8CVSS7AI score0.02106EPSS
Exploits0References6
OSV
OSV
added 2024/01/22 1:13 p.m.5 views

USN-6587-2 xorg-server vulnerabilities

USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and...

9.8CVSS7AI score0.02106EPSS
Exploits0References7
Oracle linux
Oracle linux
added 2015/11/23 12:0 a.m.85 views

ntp security, bug fix, and enhancement update

4.2.6p5-22 - check origin timestamp before accepting KoD RATE packet CVE-2015-7704 - allow only one step larger than panic threshold with -g CVE-2015-5300 4.2.6p5-20 - validate lengths of values in extension fields CVE-2014-9297 - drop packets with spoofed source address ::1 CVE-2014-9298 - rejec...

6.8CVSS0.9AI score0.1095EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/06/23 9:29 a.m.5 views

Moderate: Red Hat Bug Fix Advisory: docker bug fix update

Updated docker packages that fix several bugs are now available for Red Hat Enterprise Linux 7 Extras. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. This update fixes the...

7.8CVSS6.9AI score0.00609EPSS
Exploits0References19
Rows per page
Query Builder