Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the bareudp module failing to perform null pointer checks on sockets when devices are turned off,...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlbl_conn_setattr(), addr->sa_family is used to determine the function's behavior. If sk is an IPv4 socket, but the connect function is called...
CVE-2026-42283
DevSpace is a client-only developer tool for cloud-native development with Kubernetes. Prior to 6.3.21, DevSpace's UI server WebSocket accepts connections from all origins by default, and therefore several endpoints are exposed via this WebSocket. When a developer runs the DevSpace UI and at the...
CVE-2026-31893
Tunnelblick is an open source graphic user interface for OpenVPN on macOS. In versions 3.3beta26 through 9.0beta01, any local user can read arbitrary root-owned files by exploiting a symlink following vulnerability in tunnelblick-helper, reachable through the world-accessible tunnelblickd Unix...
CVE-2026-33099
Technical details (affected products, root cause, vulnerable components, or exploitation specifics) are not publicly provided in the supplied documents. Monitor for updates from sources like MSRC and the CVE record.
CVE-2026-26168 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
FreeBSD security vulnerability
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has a security vulnerability that stems from the rtsock_msg_buffer function not verifying the length field of the source sockaddr. This can lead to a stack buffer overflow, potentially causing a kernel crash...
CVE-2025-62795 JumpServer Unauthorized LDAP Configuration Access via WebSocket
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the /ws/ldap/ WebSocket...
EUVD-2015-8111
Malware in sbrugna...
EUVD-2015-3242
Malware in sbrugna...
EUVD-2018-8952
Malware in sbrugna...
EUVD-2007-5701
Malware in sbrugna...
EUVD-2008-6918
Malware in sbrugna...
EUVD-2017-16436
Malware in sbrugna...
EUVD-2016-5925
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986848)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986848 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets. syzbot reported a kernel infoleak [1] of 4 bytes. After...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerability (USN-7758-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7758-1 advisory. It was discovered that the AF_UNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band (OOB)...
Ubuntu: Security Advisory (USN-7677-1)
The remote host is missing an update for the...
CVE-2025-38154
CVE-2025-38154 affects the Linux kernel sockmap path (bpf/sockmap) where sk->sk_socket can be used after free due to a race with backlog/thread close paths. The description in the connected documents explains that sk_socket is not locked/referenced in the backlog, enabling a race with the rele...