450 matches found
CVE-2026-46388
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...
EUVD-2026-42916
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...
CVE-2026-6046
Mattermost CVE-2026-6046 affects multiple releases: 11.6.x up to 11.6.1, 11.5.x up to 11.5.4, and 10.11.x up to 10.11.16. The vulnerability arises from failing to validate that a username returned during bot registration belongs to a bot account, enabling an unprivileged attacker to intercept pri...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the Linux kernel’s net/netfilter/nftablescore.c file, specifically in nftdochain. This flaw may lead to a “use-after-free” condition. This issue requires proper preconditions when handling the ‘return’ statement, as it can cause a kernel information leak issue, which coul...
CVE-2026-20887
Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...
CVE-2025-35979
Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Processors within VMX non-root guest operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a...
CVE-2026-20887
Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...
CVE-2026-35233
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...
UBUNTU-CVE-2026-35233
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
EUVD-2026-26702
An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...
CVE-2026-21996
CVE-2026-21996 affects dtrace: an unprivileged, local attacker can trigger a crash in the dtrace process by feeding a malicious ELF binary, caused by an integer Divide-by-Zero in Pbuild_file_symtab(). Several advisories (e.g., Oracle ELSA-2026-50249) indicate a security update addressing this iss...
EUVD-2026-26700
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
CVE-2026-21996
An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuildfilesymtab...
PT-2026-36528
Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can cause the dtrace process to crash by using a malicious ELF binary. This occurs due to an integer Divide-by-Zero error within the Pbuild file symtab function...
PT-2026-36530
Name of the Vulnerable Software and Affected Versions dtrace affected versions not specified Description An unprivileged attacker can create a user-space process with a malicious ELF binary containing an out-of-range sh link field. When a root-level dtrace process attaches to or instruments that...
CVE-2026-31426
A flaw was found in the Linux kernel's Advanced Configuration and Power Interface ACPI Embedded Controller EC subsystem. During the setup of the EC handler, if a probe deferral occurs on specific hardware, the system fails to properly deallocate resources. This oversight creates a use-after-free...