3900 matches found
CVE-2026-33945
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
UBUNTU-CVE-2026-33945
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-33945
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
SUSE SLES15 Security Update : systemd (SUSE-SU-2026:1061-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1061-1 advisory. - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111:...
SUSE SLED15: libsystemd0 / libsystemd0-32bit / libudev1 / libudev1-32bit / etc (SUSE-SU-2026:1040-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1040-1 advisory. - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus...
Linux Distros Unpatched Vulnerability : CVE-2026-33945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is...
CVE-2026-33945 Abitrary file write through systemd-creds option
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-33945 Abitrary file write through systemd-creds option
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-33945 Abitrary file write through systemd-creds option
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-33945
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-33945
Incus (system container/VM manager) before version 6.23.0 allows privilege escalation via credentials to systemd in the guest. In containers, credentials are passed through a shared directory; an attacker can set a config key like systemd.credential.../../../../../../root/.bashrc, exploiting that...
CVE-2026-33945
Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like...
CVE-2026-32063
OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary system...
CVE-2026-32606
IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...
CVE-2026-31979
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc without symlink protections. Since commit 87a51ee, PrivateTmp is explicitly removed from the task...
Security update for systemd
This update for systemd fixes the following issues: CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. udev: check for invalid chars in various fields...
SUSE-SU-2026:1061-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. - udev: check for invalid chars in various...
systemd: Local unprivileged user can trigger an assert
...
Malicious code in checkmarx.cx-dev-assist (VSCode:https://open-vsx.org)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security b821135a3f6a7e85f6ed37a383363979118ad6c7b73433dd4882e99f24264155 This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...
Malicious code in checkmarx.ast-results (VSCode:https://open-vsx.org)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3205937565e6fad63cbece12a8463cd52f3e95c10ac99ab7e62a317e9c18717a This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...