3207 matches found
Exploit for Write-what-where Condition in Linux Linux_Kernel
CVE-2026-43284 xfrm/ESP page cache write exploit, 4 byte primit...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 - Linux Kernel AFALG "Copy Fail" Local Privile...
SUSE-SU-2026:1876-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copyfail — CVE-2026-31431 4-byte page-cache write primitive →...
OPENSUSE-SU-2026:20757-1 Security update for openssh
This update for openssh fixes the following issues Security issues fixed: - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430. Other issues fixed: - SSH port not reachable on...
CVE-2026-41702
VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...
CVE-2026-41702 TOCTOU local privilege escalation vulnerability
VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...
EUVD-2026-30510
VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...
VMware Fusion 安全漏洞
VMware Fusion is a virtual machine software developed by VMware Corporation in the United States, designed specifically for running Windows applications on Apple machines. VMware Fusion has a security vulnerability, which stems from an TOCTOU issue during the execution of SETUID binary files. Thi...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copyfail-sh No race. No offsets. No prebuilt binary to blin...
SUSE-SU-2026:21634-1 Security update for openssh
This update for openssh fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430...
CVE-2026-41163
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
UBUNTU-CVE-2026-41163
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
CVE-2026-41163
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
CVE-2026-41163 bubblewrap vulnerable to privilege escalation in setuid mode via ptrace
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
CVE-2026-41163
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
CVE-2026-41163
CVE-2026-41163 affects bubblewrap when installed in setuid mode from version 0.11.0 up to before 0.11.2. The vulnerability arises because an attacker can use ptrace to attach to bubblewrap and manipulate the unprivileged portion of the sandbox setup phase, enabling the attacker to perform privile...
CVE-2026-41163 bubblewrap vulnerable to privilege escalation in setuid mode via ptrace
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
CVE-2026-41163
bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...
Bubblewrap 安全漏洞
Bubblewrap is a set of open-source, non-privileged sandbox tools developed by Containers. Versions of Bubblewrap from 0.11.0 to 0.11.2 contained security vulnerabilities. These vulnerabilities stemmed from the ability for users to attach to Bubblewrap using setuid mode and control the...