Lucene search
K

382 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 6:2 p.m.6 views

CVE-2026-53075

A flaw was found in the Linux kernel's Point-to-Point Protocol PPP subsystem. A local unprivileged user can exploit this vulnerability by creating a new user namespace and bypassing authorization checks for unattached administrative input/output controls ioctls. This allows the user to perform...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative...

8.8CVSS6AI score0.00182EPSS
Exploits1References3
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53075

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

8.8CVSS0.00182EPSS
Exploits1References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38943

In the Linux kernel, the following vulnerability has been resolved: ppp: require CAPNETADMIN in target netns for unattached ioctls /dev/ppp open is currently authorized against file-fcred-userns, while unattached administrative ioctls operate on current-nsproxy-netns. As a result, a local...

5.7AI score0.00182EPSS
Exploits1References8
CVE
CVE
added 2026/06/24 4:30 p.m.12 views

CVE-2026-53075

The CVE-2026-53075 issue affects the Linux kernel PPP subsystem. A local unprivileged user can create a new user namespace (CLONE_NEWUSER), obtain CAP_NET_ADMIN only in that namespace, and still perform unattached PPP administrative IOCTLs (PPPIOCNEWUNIT, PPPIOCATTACH, PPPIOCATTCHAN) against an i...

8.8CVSS5.7AI score0.00182EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Point-to-Point Protocol PPP implementation where /dev/ppp open is authorized against file-f cred-user ns, while unattached administrative ioctls operate on...

8.8CVSS5.8AI score0.00182EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.15 views

SUSE CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in docker.io

In Docker versions prior to 9.03.15 and 20.10.3, there is a vulnerability related to the --userns-remap option. This option allows access to the remapped root directory, enabling privilege escalation to the actual root directory. When using --userns-remap, if the root user in the remapped namespa...

6.8CVSS6.9AI score0.01065EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

A heap out-of-bounds write that affects Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This vulnerability allows an attacker to gain privileges or cause a Denial-of-Service attack through heap memory corruption by manipulating the user name space...

8.3CVSS6.3AI score0.78684EPSS
Exploits21References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Shadow

A vulnerability was discovered in Shadow 4.5. The newgidmap function part of shadow-utils is setuid, allowing an unprivileged user to be placed in a user namespace where setgroups2 is allowed. This enables an attacker to remove themselves from a supplementary group, potentially granting them acce...

5.3CVSS6.3AI score0.01596EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in firejail

A privilege context switching issue was discovered in the join.c file of Firejail 0.9.68. By creating a fake Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment where the Linux user namespace remains the initial user...

7.8CVSS6.5AI score0.00382EPSS
Exploits0References2
OSV
OSV
added 2026/05/18 6:11 a.m.9 views

BIT-GITLAB-2026-4527 Cross-Site Request Forgery (CSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due...

6.5CVSS5.8AI score0.00153EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/14 9:0 p.m.10 views

CVE-2026-45781 MCP Registry: OCI ownership validation fails open on upstream rate limits, allowing attacker-controlled package claims

The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.9, OCI ownership validation skips label-match check when upstream OCI registry returns HTTP 429, letting any authenticated publisher bind their io.github./ namespace to OCI images the...

3.5CVSS5.8AI score0.00206EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/14 7:27 a.m.205 views

Exploit for CVE-2026-46300

Security Research & Legal Disclaimer This repository is for educ...

6AI score0.03663EPSS
Exploits11
Vulnrichment
Vulnrichment
added 2026/05/14 5:34 a.m.9 views

CVE-2026-4527 Cross-Site Request Forgery (CSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to create unauthorized Jira subscriptions for a targeted user's namespace via a specially crafted link due...

6.5CVSS5.8AI score0.00153EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.12 views

PT-2026-40867

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 11.10 through 18.9.6 GitLab CE/EE versions 18.10 through 18.10.5 GitLab CE/EE versions 18.11 through 18.11.2 Description Missing Cross-Site Request Forgery CSRF protection—a flaw where an attacker tricks a victim into...

6.5CVSS5.8AI score0.00153EPSS
Exploits0References5
NVD
NVD
added 2026/04/30 11:16 a.m.8 views

CVE-2026-31692

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlinknscapable check for peer netns rtnlnewlink lacks a CAPNETADMIN capability check on the peer network namespace when creating paired devices veth, vxcan, netkit. This allows an unprivileged user with a...

5.5CVSS0.00119EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: Make sure that the caller has CAPSYSADMIN in the correct user namespaces. What we want to ensure is that cloneprivatemnt will not expose something hidden by a mount that we wouldn’t be able to undo. “ wouldn’t be...

5.5CVSS6.6AI score0.00147EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : pam-1.5.1-19.el9 (AXSA:2024-7776:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7776:01 advisory. pam: allowing unprivileged user to block another user namespace CVE-2024-22365 Tenable has extracted the preceding description block directly from the...

5.5CVSS7.4AI score0.00459EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000806 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...

7.2CVSS7.1AI score0.00368EPSS
Exploits0References10
Rows per page
Query Builder