1809 matches found
Windows Routing and Remote Access Service integer overflow
Added: 03/23/2026 Background The Windows Routing and Remote Access Service supports remote user or site-to-site connectivity by using VPN or dial-up connections. Problem An integer overflow vulnerability in the Windows Routing and Remote Access Service allow command execution when a domain-joined...
Improper Cleanup on Thrown Exception
Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception when cleaning up tmp files. Temporary storage can be exhausted during the scanning process by an attacker providing large or highly compressed artifacts, leading to the accumulation of temporary file...
Ubuntu CVE-2026-3888 Bug Lets Attackers Gain Root via systemd Cleanup Timing Exploit
A high-severity security flaw affecting default installations of Ubuntu Desktop versions 24.04 and later could be exploited to escalate privileges to the root level. Tracked as CVE-2026-3888 CVSS score: 7.8, the issue could allow an attacker to seize control of a susceptible system. "This flaw...
CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root
The Qualys Threat Research Unit has identified a Local Privilege Escalation LPE vulnerability affecting default installations of Ubuntu Desktop version 24.04 and later. This flaw CVE-2026-3888 allows an unprivileged local attacker to escalate privileges to full root access through the interaction...
CVE-2026-28384
An improper sanitization of the compressionalgorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the sn...
DEBIAN-CVE-2026-28384
An improper sanitization of the compressionalgorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the sn...
EUVD-2026-11585
An improper sanitization of the compressionalgorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the sn...
CVE-2026-23201 ceph: fix oops due to invalid pointer for kfree() in parse_longname()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
EUVD-2026-5844
In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...
@blockchain-lab-um/ssi-snap (>=1.0.3 <=1.0.7), @i3m/base-wallet (>=1.1.0 <=2.6.1) +50 more potentially affected by unknown CVE via @veramo/data-store (>=0.0.42 <=5.6.0)
@veramo/data-store NPM version =0.0.42, =1.0.3, =1.1.0, =1.1.0, =1.2.0, =1.1.0, =0.2.0, =1.0.0, =1.5.0, =1.5.1, =0.0.1, =0.11.1-next.4, =0.2.1-next.13, =0.8.1-next.272, =0.11.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-38CW-85XC-XR9X...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003852 advisory. In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because registersnapclient may return NULL. This will lead t...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000605 advisory. Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002370)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002370 advisory. Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or...
MetaMask: Authorization Bypass in Starknet Snap via enableAuthorize parameter leads to unauthorized transaction signing
A critical security vulnerability was discovered in the Starknet Snap by Consensys. The vulnerability allowed malicious websites to bypass user authorization when signing messages or transactions. The vulnerability existed in the enableAuthorize parameter, which could be controlled by any website...
CVE-2023-40709
An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b...
CVE-2023-45642
Cross-Site Request Forgery CSRF vulnerability in Hassan Ali Snap Pixel plugin = 1.5.7 versions...
CVE-2023-40710
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b...
CVE-2023-40708
The File Transfer Protocol FTP port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files...
CVE-2024-34019
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2023-25183
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device...