Exploit for CVE-2026-31431

copyFail.py — CVE Exploit Analysis Report Summary copyFa...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005627 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leak...

CVE-2025-70043

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000807 advisory. The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001237 advisory. The XFRM dump policy implementation in net/xfrm/xfrmuser.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service...

EUVD-2025-124934

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

CVE-2025-40149

CVE-2025-40149 affects the Linux kernel TLS path: get_netdev_for_sock() could trigger a use-after-free if sk_dst_get(sk)->dev is used during setsockopt(). The fix replaces sk_dst_get() with __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(), and notes that the only user of ->ndo_sk_g...

CVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988850)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988850 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: clear 'kern' flag from fallback sockets The mptcp ULP extension relies on sk-sksockkern...

EUVD-2004-0370

Malware in sbrugna...

EUVD-2011-1146

Malware in sbrugna...

EUVD-2012-3499

Malware in sbrugna...

EUVD-2016-10594

Malware in sbrugna...

EUVD-2016-2976

Malware in sbrugna...

EUVD-2006-3199

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-57903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: restrict SOREUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back, as spotted by zyzbot 1. Trying...

CVE-2025-21711 net/rose: prevent integer overflows in rose_setsockopt()

In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in rosesetsockopt In case of possible unpredictably large arguments passed to rosesetsockopt and multiplied by extra values on top of that, integer overflows may occur. Do the safest minimum an...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...

CVE-2024-35215

The CVE-2024-35215 issue affects QNX Software Development Platform (SDP) 7.0 and 7.1, where a NULL pointer dereference in the IP socket options processing of the Networking Stack can allow a local attacker to cause a denial-of-service in the Networking Stack process. This is the explicit root cau...

CVE-2024-35215

NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform SDP versions 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process...