Lucene search
K

905 matches found

OSV
OSV
added yesterday3 views

USN-8508-1 linux-nvidia-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - GP...

9.8CVSS6.2AI score0.00817EPSS
Exploits9References85
OSV
OSV
added yesterday2 views

UBUNTU-CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13757

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a...

6.2CVSS6AI score0.0012EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 7:16 p.m.10 views

CVE-2026-13757

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 6:44 p.m.7 views

EUVD-2026-40173

A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 7:53 a.m.6 views

CVE-2026-57964

A flaw was found in spice-vdagent. On macOS and BSD platforms, an unprivileged local user can bypass authentication by connecting to the Unix Domain Socket Client/Server UDSCS socket. This allows the unauthorized user to receive host-to-guest messages, including clipboard data and file transfers,...

5.3CVSS5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 10:31 p.m.8 views

CVE-2026-48936

A flaw was found in Node.js. The Node.js Permission API can allow a local server to be started through a Unix domain socket, even when the --allow-net permission is not explicitly granted. This bypasses intended security restrictions, potentially leading to unintended local network exposure or...

3.3CVSS5.6AI score0.00154EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 1:14 a.m.27 views

CVE-2026-48936

CVE-2026-48936: A flaw in the Node.js Permission API can cause a local server to start via a Unix domain socket without the --allow-net permission, affecting the Node.js 26 release line. Connected sources indicate this has been fixed in the nodejs26-26.3.1-1.1 package (openSUSE Tumbleweed) and re...

3.3CVSS6.6AI score0.00154EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/26 1:14 a.m.8 views

EUVD-2026-39611

A flaw in Node.js Permission API can cause a local server to be started via a Unix domain socket, even without the --allow-net permission. This vulnerability affects one supported release line: Node.js 26...

3.3CVSS6.4AI score0.00154EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38873

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...

5.7AI score0.00129EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-53005

CVE-2026-53005 affects the Linux kernel af_unix SOCKMAP feature. The issue arises from improper handling of SCM attributes when data is passed to SOCKMAP, enabling a use-after-free and inflight-file-descriptor leaks due to inability of GC paths to inspect psock queues after skb redirection. Multi...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.6AI score0.00161EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.7AI score0.00161EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2026/06/23 4:17 a.m.16 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS0.00082EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 3:36 a.m.54 views

CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

5CVSS0.00082EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.8 views

PT-2026-51473

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A flaw in OpenSSH allows a local unprivileged attacker on a Linux client host to hijack client-side X11 forwarding connections. This occurs when X11 forwarding is enabled and a local...

6.1CVSS5.7AI score0.00082EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A memory flaw after deallocation was discovered in the Linux kernel’s garbage collection for Unix domain socket file handlers. This flaw occurs when users call close and fget simultaneously, potentially triggering a race condition. This flaw allows a local user to crash the system or escalate the...

7CVSS6.7AI score0.0031EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40214)

In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...

5.7AI score0.00171EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/08 11:1 p.m.7 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the nettyunixsocketrecvFd function. An attacker can cause file descriptor leaks by sending two file descriptors at once via a Unix domain socket, leading to resource exhaustion and...

5.1CVSS5.5AI score0.00136EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.13 views

CVE-2026-39461

libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...

8.8CVSS5.5AI score0.00172EPSS
Exploits0References1
Rows per page
Query Builder