Exploit for Out-of-bounds Write in Linux Linux_Kernel

本地提权 CVE-2026-46300 使用方式： CGOENABLED=0 go build -ldflag...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Local privilege escalation / Container escape: CVE-2026-43284 /...

PT-2026-45987

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager affected versions not specified Cisco Unified Communications Manager Session Management Edition affected versions not specified Description An issue in Cisco Unified Communications Manager and Unified...

PT-2026-46025

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl xcvr: Revert fix missing lock in fsl xcvr mode put This reverts commit f51424872760 "ASoC: fsl xcvr: fix missing lock in fsl xcvr mode put". The original patch attempted to acquire the card-controls rwsem lock in fsl xc...

PT-2026-45930

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

UBUNTU-CVE-2026-5385

An unauthenticated user with write access to the knowledge base can st...

Linux Distros Unpatched Vulnerability : CVE-2026-46183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can als...

PT-2026-45931

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...

PT-2026-45956

GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete arbitrary files from the filesystem as long as the webserver has write rights on them. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

Security update for python-PyMuPDF (important)

openSUSE security update: security update for python-pymupdf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20887-1 Rating: important References: bsc1259921 Cross-References: CVE-2026-3029 Affected Products: openSUSE Leap 16.0...

PT-2026-46019

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

Siemens SENTRON PAC Out-of-bounds Write (CVE-2020-17437)

The TCP/IP stack uIP in affected devices is vulnerable to out-of-bounds write when processing TCP packets with urgent pointer URG where the location of the TCP data payload is calculated improperly. An attacker located in the same network could trigger a Denial-of-Service condition on the device ...

Linux Distros Unpatched Vulnerability : CVE-2026-45881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: mediatek: svs: Fix memory leak in svsenabledebugwrite In svsenabledebugwrite, the buf allocated by memdupusernul is leaked if kstrtoint fails. Fix this by...

CVE-2026-10719

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

CVE-2026-10719 Open Seachest/Seachest NVMe show Format Descriptors Vulnerability

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

CVE-2026-10719

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

CVE-2026-10718

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

CVE-2026-10718 Open Seachest/Seachest NVMe Trim (Deallocate) Vulnerability

Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation...

CVE-2026-40861

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...

CVE-2026-5385

An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7...