SUSE CVE-2026-46104

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

CVE-2026-46104

A flaw was found in the Linux kernel's SELinux Security-Enhanced Linux socket permission helpers. In configurations where multiple Linux Security Modules LSMs are active, the system may incorrectly access socket security data. This can lead to invalid security identifiers SIDs and class values...

CVE-2026-46104 selinux: use sk blob accessor in socket permission helpers

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

PT-2026-44227

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock has perm and nlmsg sock has extended perms currently dereference sk-sk security directly, which assumes...

AlmaLinux 9 : nodejs:24 (ALSA-2026:7350)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7350 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547...

EUVD-2026-9962

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...

CVE-2026-28727

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...

Acronis Cyber Protect和Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect and Acronis Cyber Protect Cloud Agent are both products of Swiss company Acronis. Acronis Cyber Protect is an integrated network protection solution for businesses and enterprises. It combines features such as backup, anti-malware, network security, and endpoint management...

CVE-2026-28727

CVE-2026-28727 : Local privilege escalation caused by insecure Unix socket permissions. Affected on macOS: Acronis Cyber Protect 17 before build 41186 and Acronis Cyber Protect Cloud Agent before build 41124. The CVSS vector indicates LOCAL access, low privileges required, no user interaction, wi...

CVE-2026-28727

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124, Acronis True Image macOS before build 42902...

MiracleLinux 9 : redis:7 (AXSA:2024-9438:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9438:01 advisory. redis: Redis SORTRO may bypass ACL configuration CVE-2023-41053 redis: possible bypass of Unix socket permissions on startup CVE-2023-45145 redis:...

AZL-72851 CVE-2025-59529 affecting package avahi 0.8-5

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

EulerOS 2.0 SP13 : cloud-init (EulerOS-SA-2025-2252)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security...

EUVD-2017-15465

Malware in sbrugna...

EUVD-2020-27049

Malware in sbrugna...

EUVD-2023-49453

Malicious code in bioql PyPI...

EUVD-2022-1240

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-2735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemon...

OESA-2025-1785 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security vulnerability in cloud-init...