Lucene search
K

533 matches found

Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-35019

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular locking dependency exists in the uinput component when using a force-feedback gamepad. This issue occurs through a cycle of four lock acquisition paths involving ff-mutex,...

7.8CVSS5.8AI score0.00378EPSS
Exploits0References143
RedHat Linux
RedHat Linux
added 2026/04/23 7:18 a.m.3 views

freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface

A heap buffer use after free has been discovered in FreeRDP. urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/22 7:48 a.m.6 views

freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface

A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...

9.1CVSS5.9AI score0.00489EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/22 7:48 a.m.7 views

freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface

A heap buffer use after free has been discovered in FreeRDP. urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface...

8.7CVSS5.9AI score0.00467EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-40225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. CVE-2026-40225 Note that Nessus reli...

6.4CVSS5.6AI score0.00144EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007192 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array indices without...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 11:28 a.m.5 views

CVE-2026-40225

A flaw was found in udev in systemd. A local user with access to malicious hardware devices can exploit this vulnerability. By providing unsanitized kernel output, the flaw allows for local root execution, leading to privilege escalation...

6.4CVSS5.7AI score0.00144EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/11 11:26 p.m.5 views

SUSE CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/10 6:31 p.m.10 views

EUVD-2026-21399

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References2
NVD
NVD
added 2026/04/10 4:16 p.m.7 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS0.00144EPSS
Exploits0References1
OSV
OSV
added 2026/04/10 4:16 p.m.2 views

DEBIAN-CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.4AI score0.00144EPSS
Exploits0References1
OSV
OSV
added 2026/04/10 4:16 p.m.4 views

UBUNTU-CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/10 4:16 p.m.4 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/10 4:8 p.m.6 views

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres in the udev process. An attacker can gain local root execution by connecting malicious hardware devices that produce unsanitized kernel output. Remediation A fix was pushed into the master...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References2
CVE
CVE
added 2026/04/10 3:16 p.m.23 views

CVE-2026-40225

The CVE-2026-40225 entry concerns udev in systemd prior to 260, where local root access can result from malicious hardware devices and unsanitized kernel output. The vulnerability affects the systemd/udev component and is described with a CVSSv3.1 base score of 6.4 (MEDIUM), with attack vector Ph...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/10 3:16 p.m.6 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 3:16 p.m.35 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS0.00144EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/10 3:16 p.m.4 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.4AI score0.00144EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/10 3:16 p.m.3 views

CVE-2026-40225

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output...

6.4CVSS5.9AI score0.00144EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.9 views

systemd 安全漏洞

Systemd is a Linux-based system and service manager developed by Lennart Poettering of Germany. This product is compatible with SysV and LSB startup scripts, and it provides a framework for representing dependencies between system services. Prior to version 260, there were security vulnerabilitie...

6.4CVSS5.8AI score0.00144EPSS
Exploits0References1
Rows per page
Query Builder