GeoServer Demo Request Endpoint - Server Side Request Forgery

It is possible to achieve Server Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. An unauthenticated user can supply a request that will be issued by the server, allowing enumeration of internal networks and, in the case of cloud instances, access to...

VulnCheck KEV: CVE-2025-1055

A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected ...

EulerOS 2.0 SP11 : firewalld (EulerOS-SA-2026-2202)

According to the versions of the firewalld packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setter...

CVE-2026-6637

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...

Exploit for Missing Release of Memory after Effective Lifetime in Arm 5Th_Gen_Gpu_Architecture_Kernel_Driver

CVE-2023-26083 – Mali GPU Kernel Address Leak via Timeline Str...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2026-41054

In src/havegecmd.c, the sockethandler function performs a credential check on the abstract UNIX socket \0/sys/entropy/haveged. However, while it detects if the connecting user is not root cred.uid != 0 and prepares a negative acknowledgement ASCIINAK, it fails to stop execution. The code proceeds...

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine, where the data directory /var/lib/docker, contained subdirectories with insufficiently restricted permissions. This allowed unprivileged Linux users to access and...

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in th...

SUSE SLED15 / SLES15 Security Update : firewalld (SUSE-SU-2026:1872-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1872-1 advisory. This update for firewalld fixes the following issue: - CVE-2026-4948: local unprivileged users can modify the runtime...

UBUNTU-CVE-2026-6637

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...

EUVD-2026-29525

Improper conditions check in some firmware for some IntelR NPU Drivers within Ring 1: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

CVE-2026-20782

Intel QAT Windows drivers prior to 1.13 are vulnerable to a buffer overflow in Ring 3 user applications, allowing a local, low-privilege attacker with no user interaction to trigger a denial of service. Impact is High on availability and Low on confidentiality/integrity; upgrading to 1.13+ (or ap...

Intel Vision Software Advisory

Summary: A potential security vulnerability for the Intel Vision software maintained by Intel may allow denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel Vision software. Vulnerability Details: CVEI...

CVE-2026-43287

The CVE targets Linux kernel DRM:MODE_CREATEPROPBLOB allocations. Arbitary-sized property blobs allocated for kernel memory were not charged to the caller’s memory cgroup, enabling unprivileged local users to trigger unbounded kernel memory growth and potential system-wide OOM. The fix ensures bl...

Linux Distros Unpatched Vulnerability : CVE-2026-43287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory...

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime that emphasizes simplicity, robustness, and portability. A bug was discovered in Containerd where container root directories and certain plugins had insufficiently restricted permissions, allowing unprivileged Linux users to access the contents of...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

A issue was discovered in the x86 KVM subsystem of the Linux kernel before version 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations...

Astra Linux – Vulnerability in Dbus

Before version 1.15.6, D-Bus sometimes allowed unprivileged users to cause dbus-daemon to crash. If a privileged user with control over dbus-daemon used the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same...

Exploit for CVE-2026-31431

CVE-2026-31431 — Copy Vulnerability Linux Kernel Page Cache...