Lucene search
+L

156 matches found

osv
osv
added yesterday2 views

UBUNTU-CVE-2026-42617

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfsirtoib in index.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by extending a directory, e.g., by creating a file...

6.2AI score
Exploits0References3
osv
osv
added yesterday2 views

UBUNTU-CVE-2026-46569

In NTFS-3G through 2026.2.25, a heap buffer overflow exists in ntfsibcopytail, in libntfs-3g/index.c, that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by extending a directory, e.g., by creating a file...

6.2AI score
Exploits0References3
osv
osv
added yesterday3 views

UBUNTU-CVE-2026-56135

In NTFS-3G through 2026.2.25, a heap-based buffer overflow exists in the function buildinheritedid in libntfs-3g/security.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered by creating a file in a crafted...

6.2AI score
Exploits0References3
osv
osv
added 2026/06/02 11:18 a.m.6 views

OPENSUSE-SU-2026:20888-1 Security update for apptainer

This update for apptainer fixes the following issues: Changes in apptainer: - CVE-2026-39821: Update golang.org/x/net to 0.55.0. bsc1266656 - Add improved handling of suid-starter: Add system group apptainer Make sure, only users belonging to this group are able to run the application. Document...

9.6CVSS5.7AI score0.00478EPSS
Exploits0References2
githubexploit
githubexploit
added 2026/05/25 7:45 a.m.228 views

Exploit for CVE-2026-43494

SLEY — PinTheft PoC CVE-2026-43494 Proof o...

5.9AI score0.00269EPSS
Exploits3
githubexploit
githubexploit
added 2026/04/30 10:49 a.m.121 views

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Universal LPE Exploit Linux...

7.8CVSS6.2AI score0.96267EPSS
Exploits230
ptsecurity
ptsecurity
added 2026/04/21 12:0 a.m.7 views

PT-2026-34185

Name of the Vulnerable Software and Affected Versions NTFS-3G versions 2022.10.3 through 2026.2.24 Description A heap buffer overflow exists in the ntfs build permissions posix function within acls.c. This issue allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by using a...

8.4CVSS5.2AI score0.00165EPSS
Exploits0References21
osv
osv
added 2026/04/21 12:0 a.m.1 views

CVE-2026-40706

In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...

8.4CVSS6.2AI score0.00165EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2026/03/05 1:18 a.m.6 views

CVE-2026-29123 Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

8.6CVSS6.1AI score0.00127EPSS
Exploits1References1
cvelist
cvelist
added 2026/03/05 1:18 a.m.41 views

CVE-2026-29123 Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

8.6CVSS0.00127EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:46 a.m.6 views

CVE-2022-31594

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system...

7.2CVSS6.9AI score0.0023EPSS
Exploits0References1
nessus
nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 4: udisks2 (TSSA-2025:0480)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0480 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7CVSS7.8AI score0.00433EPSS
Exploits18References2
nessus
nessus
added 2025/10/24 12:0 a.m.4 views

EulerOS 2.0 SP13 : libblockdev (EulerOS-SA-2025-2266)

According to the versions of the libblockdev packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.8AI score0.00433EPSS
Exploits18References2
nessus
nessus
added 2025/10/24 12:0 a.m.5 views

EulerOS 2.0 SP13 : udisks2 (EulerOS-SA-2025-2312)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.9AI score0.00433EPSS
Exploits18References2
nessus
nessus
added 2025/10/11 12:0 a.m.3 views

EulerOS 2.0 SP11 : libblockdev (EulerOS-SA-2025-2200)

According to the versions of the libblockdev packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.8AI score0.00433EPSS
Exploits18References2
nessus
nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: udisks2 (UTSA-2025-984808)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984808 advisory. A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the allowactive setting in Polkit permits a physically present user to take certa...

7CVSS7.8AI score0.00433EPSS
Exploits18References3
nessus
nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: udisks2 (UTSA-2025-587571)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-587571 advisory. A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the allowactive setting in Polkit permits a physically present user to take certa...

7CVSS7.8AI score0.00433EPSS
Exploits18References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-53048

Malicious code in bioql PyPI...

7.2CVSS6.7AI score0.0023EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.3 views

EulerOS 2.0 SP12 : udisks2 (EulerOS-SA-2025-2061)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.9AI score0.00433EPSS
Exploits18References2
nessus
nessus
added 2025/09/10 12:0 a.m.5 views

EulerOS 2.0 SP12 : udisks2 (EulerOS-SA-2025-2030)

According to the versions of the udisks2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A Local Privilege Escalation LPE vulnerability was found in libblockdev. Generally, the 'allowactive' setting in Polkit permits a physically...

7CVSS7.9AI score0.00433EPSS
Exploits18References2
Rows per page
Query Builder