Lucene search
K

450 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-46388

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...

4.4CVSS0.00094EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42916

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...

4.4CVSS6.2AI score0.00094EPSS
Exploits0References4
CVE
CVE
added 2026/06/12 3:52 p.m.21 views

CVE-2026-6046

Mattermost CVE-2026-6046 affects multiple releases: 11.6.x up to 11.6.1, 11.5.x up to 11.5.4, and 10.11.x up to 10.11.16. The vulnerability arises from failing to validate that a username returned during bot registration belongs to a bot account, enabling an unprivileged attacker to intercept pri...

5.3CVSS5.3AI score0.0019EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.12 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

5.5CVSS5.5AI score0.0011EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw was discovered in the Linux kernel’s net/netfilter/nftablescore.c file, specifically in nftdochain. This flaw may lead to a “use-after-free” condition. This issue requires proper preconditions when handling the ‘return’ statement, as it can cause a kernel information leak issue, which coul...

5.5CVSS6.6AI score0.00416EPSS
Exploits11References2
NVD
NVD
added 2026/05/12 5:16 p.m.24 views

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

8.8CVSS0.00478EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/12 4:35 p.m.39 views

CVE-2025-35979

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...

6.8CVSS5.8AI score0.00096EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/12 4:34 p.m.11 views

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

8.8CVSS6.1AI score0.00478EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/01 6:16 p.m.9 views

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2026/05/01 6:16 p.m.7 views

UBUNTU-CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/01 6:16 p.m.8 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

5.5CVSS5.8AI score0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 5:53 p.m.8 views

EUVD-2026-26702

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2026/05/01 5:51 p.m.14 views

CVE-2026-21996

CVE-2026-21996 affects dtrace: an unprivileged, local attacker can trigger a crash in the dtrace process by feeding a malicious ELF binary, caused by an integer Divide-by-Zero in Pbuild_file_symtab(). Several advisories (e.g., Oracle ELSA-2026-50249) indicate a security update addressing this iss...

5.5CVSS5.8AI score0.0011EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/01 5:51 p.m.7 views

EUVD-2026-26700

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

3.3CVSS5.8AI score0.0011EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/01 5:51 p.m.3 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

3.3CVSS5.8AI score0.0011EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/01 5:51 p.m.11 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

3.3CVSS5.8AI score0.0011EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/01 5:51 p.m.8 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...

5.5CVSS5.8AI score0.0011EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.10 views

PT-2026-36528

Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can cause the dtrace process to crash by using a malicious ELF binary. This occurs due to an integer Divide-by-Zero error within the Pbuild file symtab function...

3.3CVSS5.8AI score0.0011EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.9 views

PT-2026-36530

Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can create a user-space process with a malicious ELF binary containing an out-of-range sh link field. When a root-level dtrace process attaches to or instruments that...

4.4CVSS5.8AI score0.00108EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/04/13 5:25 p.m.6 views

CVE-2026-31426

A flaw was found in the Linux kernel's Advanced Configuration and Power Interface ACPI Embedded Controller EC subsystem. During the setup of the EC handler, if a probe deferral occurs on specific hardware, the system fails to properly deallocate resources. This oversight creates a use-after-free...

7CVSS5.8AI score0.00111EPSS
Exploits0References4
Rows per page
Query Builder