Lucene search
K

131 matches found

CVE
CVE
added 2025/09/04 3:32 p.m.28 views

CVE-2025-38696

CVE-2025-38696 (Linux kernel, MIPS) : The issue occurs in stack_top() for tasks without an ABI or vDSO mapping (e.g., kthreads). If such a task calls stack_top(), it can dereference a NULL ABI pointer and crash. Affected area is the MIPS support in the Linux kernel; the advisory notes the crash c...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References11Affected Software1
The Hacker News
The Hacker News
added 2025/08/18 10:56 a.m.8 views

Malicious PyPI and npm Packages Discovered Exploiting Dependencies in Supply Chain Attacks

Cybersecurity researchers have discovered a malicious package in the Python Package Index PyPI repository that introduces malicious behavior through a dependency that allows it to establish persistence and achieve code execution. The package, named termncolor , realizes its nefarious functionalit...

7.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-26785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a create function statement...

9.8CVSS6.7AI score0.02098EPSS
Exploits2References2
OSV
OSV
added 2025/07/11 5:56 a.m.6 views

BIT-MYSQL-CLIENT-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS8.7AI score0.02098EPSS
Exploits2References3
OSV
OSV
added 2025/07/11 5:52 a.m.4 views

BIT-MARIADB-MIN-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS8.7AI score0.02098EPSS
Exploits2References3
OSV
OSV
added 2025/07/11 5:52 a.m.5 views

BIT-MARIADB-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS8.7AI score0.02098EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2025/05/19 12:0 a.m.161 views

📄 Automic Automation Agent Unix Privilege Escalation

An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an ini file with the "authentication" option set to "PAM" and the "libName" option set to a shared object file controlled by the attacker. The shared object will be loaded in an...

8.3AI score
Exploits0
CNNVD
CNNVD
added 2025/04/26 12:0 a.m.3 views

GL.iNet Router 安全漏洞

GL.iNet Router is a series of routers from China's Guanglian Zhitong GL.iNet company. A security vulnerability exists in GL.iNet Router that originates from a buffer overflow in the plugins.so file of the RPC Handler component...

8.6CVSS8.2AI score0.00381EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the LoongArch architecture, where a task may call the stacktop function without a vDSO mapping, which...

5.5CVSS6.4AI score0.00217EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/10/19 10:37 a.m.3 views

SUSE CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS8.7AI score0.02098EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2024/10/17 10:15 p.m.4 views

CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS6.7AI score0.02098EPSS
Exploits2References3
OSV
OSV
added 2024/10/17 10:15 p.m.5 views

CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS7.9AI score0.02098EPSS
Exploits2References2
OSV
OSV
added 2024/10/17 10:15 p.m.1 views

UBUNTU-CVE-2023-26785

MariaDB v10.5 was discovered to contain a remote code execution RCE vulnerability via UDF Code in a Shared Object File, followed by a "create function" statement. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

9.8CVSS6.4AI score0.02098EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.4 views

PT-2024-33216 · Wanxing Technology · Wanxing Technology Yitu Project Management Kirin Edition

Name of the Vulnerable Software and Affected Versions: Wanxing Technology Yitu Project Management Kirin Edition version 2.3.6 Description: The issue allows a remote attacker to execute arbitrary code via a specially constructed so file in /opt/EdrawProj-2/plugins/imageformat. This enables the...

9.8CVSS7.7AI score0.00734EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2024/08/06 4:18 p.m.380 views

USN-6945-1: wpa_supplicant and hostapd vulnerability

Rory McNamara discovered that wpasupplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root...

8.8CVSS7.3AI score0.00658EPSS
Exploits1References1
Gitee
Gitee
added 2023/11/12 5:8 a.m.12 views

Exploit for Out-of-bounds Write in Polkit_Project Polkit

PoC exploit for CVE-2021-4034, a Local Privilege Escalation Vulnerability in polkit’s pkexec. The exploit is implemented in Python and utilizes the PwnKit vulnerability to gain elevated privileges. The code creates a malicious shared object SO that, when loaded by pkexec, executes a setuid0 and...

7.8CVSS7.4AI score0.94921EPSS
Exploits151
Fedora
Fedora
added 2023/11/04 3:42 a.m.18 views

[SECURITY] Fedora 38 Update: netconsd-0.4-1.fc38

This is a daemon for receiving and processing logs from the Linux Kernel, as emitted over a network by the kernel's netconsole module. It supports both the old "legacy" text-only format, and the new extended format added in v4.4. The core of the daemon does nothing but process messages and drop...

7.3AI score
Exploits0
Fedora
Fedora
added 2023/11/03 1:11 a.m.15 views

[SECURITY] Fedora 37 Update: netconsd-0.4-1.fc37

This is a daemon for receiving and processing logs from the Linux Kernel, as emitted over a network by the kernel's netconsole module. It supports both the old "legacy" text-only format, and the new extended format added in v4.4. The core of the daemon does nothing but process messages and drop...

7.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.4 views

SUSE CVE-2010-3847

elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LDAUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object DSO located in an arbitrary...

6.9CVSS9.3AI score0.08747EPSS
Exploits20References8
Rockylinux
Rockylinux
added 2023/01/23 2:30 p.m.15 views

nbdkit bug fix update

An update is available for nbdkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Network Block Device NBD is a protocol for accessing hard disks and other...

0.1AI score
Exploits0
Rows per page
Query Builder