6002 matches found
EUVD-2026-34121
In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading realparent in dotaskstat When reading /proc/pid/stat, dotaskstat accesses task-realparent without proper RCU protection, which leads to: cpu 0 cpu 1 ----- ----- dotaskstat var =...
CVE-2026-46259
In the Linux kernel procfs path do_task_stat() reading /proc/[pid]/stat, task->real_parent is accessed without proper RCU protection, enabling a potential Use-After-Free when another task is released. The fix switches from task_tgid_nr_ns() to task_ppid_nr_ns() to add proper RCU protection for...
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
CVE-2024-47273
CVE-2024-47273 concerns Synology Hyper Backup’s Backup Task component. The vulnerability arises from an improper limitation of a pathname to a restricted directory (a path traversal issue) that, in versions prior to 4.1.2-4036, enables remote authenticated users to write specific files via unspec...
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
CVE-2024-47273
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
EUVD-2024-55608
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the procfs module’s lack of RCU protection when reading task-realparent in the dotaskstat functio...
PT-2026-45931
An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...
PT-2026-46022
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the procfs component of the Linux kernel within the do task stat function. When reading the '/proc/pid/stat' endpoint, the system accesses the real parent variable witho...
CVE-2026-46414
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...
CVE-2026-10529 westboy CicadasCMS Task Scheduling Management ScheduleJobController.java cross site scripting
A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...
CVE-2026-10529
A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...
CVE-2026-10529 westboy CicadasCMS Task Scheduling Management ScheduleJobController.java cross site scripting
A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...
CVE-2026-10529
Affected software: westboy CicadasCMS (Task Scheduling Management Module). Vulnerable component: ScheduleJobController.java (src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java). Issue: cross-site scripting via manipulation of an unknown function; can be executed remotely. Publ...
Windows Scheduled Task Persistence Using S4U Authentication
This Python script defines a class called S4UPersistence that automates the creation of a Windows Scheduled Task to repeatedly execute an executable payload. It generates a Task Scheduler XML configuration and uses the S4U logon type, allowing the task to run without requiring an interactive...
Windows Telemetry Persistence
This simulation proof of concept code demonstrates conceptual persistence mechanisms registry-like structures and scheduled task representation without performing actual registry modifications, persistence installation, or execution...
PT-2026-45676
A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...
CicadasCMS 代码注入漏洞
CicadasCMS is a content management framework developed by the Chinese individual developer westboy, based on SpringBoot, Mybatis, SpringSecurity, and Vue. CicadasCMS has a code injection vulnerability, which stems from an unknown function issue in the task scheduling management module, specifical...
goclaw 安全漏洞
Goclaw is an open-source multi-tenant AI smart agent platform developed by Next Level Builder. Versions of GoClaw 3.11.3 and earlier contain security vulnerabilities. These vulnerabilities stem from a flaw in the Team Task Completion Handler component, where the TeamTasksTool.executeComplete...