Lucene search
K

2853 matches found

OSV
OSV
added 2026/06/22 2:35 p.m.2 views

SUSE-SU-2026:2492-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 2:34 p.m.2 views

OPENSUSE-SU-2026:21028-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References2
OSV
OSV
added 2026/06/22 2:28 p.m.2 views

SUSE-SU-2026:22332-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 2:28 p.m.2 views

SUSE-SU-2026:22260-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References3
OSV
OSV
added 2026/06/22 12:6 p.m.2 views

SUSE-SU-2026:2485-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/19 7:35 p.m.7 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the propagation of unvalidated LABEL values from image configuration to container labels. An attacker can execute arbitrary commands on the host by...

9.4CVSS6.2AI score0.00203EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:8 a.m.12 views

Malicious code in eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcfa5a90c6e60f1e3a94db0277e5d9bd0058d0d5d3a549e3e62dfb6e05f4223 Package eth-util impersonates the legitimate @ethereumjs/util package: README, repository URL github.com/ethereumjs/ethereumjs-monorepo, badges,...

6.1AI score
Exploits0References2
Photon
Photon
added 2026/06/18 12:0 a.m.6 views

Important Photon OS Security Update - PHSA-2026-5.0-0885

Updates of 'jq', 'util-linux', 'rsync' packages of Photon OS have been released...

3.7CVSS6.1AI score0.00337EPSS
Exploits0
Snyk
Snyk
added 2026/06/17 6:35 p.m.6 views

Deserialization of Untrusted Data

Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the distutils.fileutil.writefile function. An attacker can overwrite critical system files by crafting...

9.8CVSS5.9AI score0.00624EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 5:16 p.m.15 views

CVE-2025-71321

picklescan before 0.0.33 contains an arbitrary file writing vulnerability that allows attackers to bypass the dangerous blocklist by using distutils.fileutil.writefile. Attackers can construct malicious pickle objects to overwrite critical system files and achieve denial of service or remote code...

9.8CVSS0.00624EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/17 1:24 p.m.4 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: util-linux: libblkid-2.42.2-1.hum1 aarch64, x8664 libblkid-devel-2.42.2-1.hum1 aarch64, x8664 libfdisk-2.42.2-1.hum1 aarch64, x8664 libfdisk-devel-2.42.2-1.hum1 aarch64, x8664...

6.8CVSS5.8AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via TOCTOU in mount8 hookowner.c chmod/chown CVE-2026-53612 Note that Nessus relies o...

5.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-53613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmount: SUID bypa...

5.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via LIBMOUNTFORCEMOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount8...

5.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53615

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Integer Overflow or Wraparound in libblkid/src/partitions/dos.c CVE-2026-53615 Note that Nessus relies on the...

5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49303

Name of the Vulnerable Software and Affected Versions Vector version 0.54.0 Description An issue in the '/util/http/prelude.rs' endpoint allows attackers to cause a Denial of Service DoS, which is a condition where a service becomes unavailable to its intended users, by sending a crafted request ...

6.5CVSS5.2AI score0.00289EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 12:0 a.m.19 views

CVE-2026-39197

Summary: CVE-2026-39197 affects Datadog Vector v0.54.0 with a vulnerability in the /util/http/prelude.rs endpoint that can trigger a Denial of Service (DoS) via a crafted request or payload. The CVSS-derived metrics indicate NETWORK attack vector, low attack complexity, required privileges, and h...

6.5CVSS5.4AI score0.00289EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:59 p.m.29 views

CVE-2026-53609

CVE-2026-53609 involves ApostropheCMS (Node.js) up to version 4.30.0, where apos.util.set() can traverse dot-notation paths and fail to sanitize proto , enabling an authenticated editor to write arbitrary values to Object.prototype via the $pullAll patch operator. A confirmed gadget in publicApiC...

9.1CVSS5.5AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:59 p.m.35 views

CVE-2026-53609 Apostrophe has Server-Side Prototype Pollution in apos.util.set via patch operators that leads to process-wide authorization bypass

ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, apos.util.set traverses dot-notation paths without sanitizing proto, allowing an authenticated editor to write arbitrary values to Object.prototype via the $pullAll patch operator. A confirm...

9.1CVSS0.00237EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

EulerOS Virtualization 2.13.0 : util-linux (EulerOS-SA-2026-2420)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check- Time-of-Use vulnerabilit...

5.3CVSS5.5AI score0.00436EPSS
Exploits1References3
Rows per page
Query Builder