[UPDATE] [high] Linux Kernel: Vulnerability allows privilege escalation
A local attacker can exploit a vulnerability in the Linux Kernel to gain root privileges.
● Live advisory feed
Security advisories from 24 sources — CISA, CERT-EU, NCSC-UK, BSI, CERT-FR, NCSC-NL, JPCERT/CC, JVN, HKCERT, the Canadian Cyber Centre, NVD, GitHub, Microsoft, Cisco, Fortinet, Palo Alto Networks and more — normalized, translated to English and flagged against the CISA KEV catalog. One global feed for CSIRTs, SOCs and defenders.
A local attacker can exploit a vulnerability in the Linux Kernel to gain root privileges.
A remote, authenticated attacker can exploit a vulnerability in Red Hat Enterprise Linux to manipulate files.
A remote, anonymous attacker can exploit a vulnerability in Python to conduct a denial of service attack.
An attacker can exploit multiple vulnerabilities in Red Hat Ansible Automation Platform to bypass security precautions, disclose information, manipulate data, and cause a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in Python to conduct a denial of service attack.
An attacker can exploit multiple vulnerabilities in GStreamer to conduct a Denial of Service attack, manipulate data, or disclose confidential information.
A remote, anonymous or local attacker can exploit multiple vulnerabilities in NGINX NGINX Plus and NGINX to conduct a denial of service attack.
A remote, authenticated attacker can exploit multiple vulnerabilities in Apache CXF to bypass security measures, conduct XML External Entity attacks, manipulate data, or disclose confidential information.
A remote, anonymous attacker can exploit multiple vulnerabilities in Netty to bypass security measures, manipulate data, disclose confidential information, or cause a denial-of-service condition.
An attacker can exploit multiple vulnerabilities in Golang Go to conduct an unspecified attack, perform a denial of service, and present false information.
A remote, anonymous attacker can exploit multiple vulnerabilities in Python to manipulate files and bypass security measures.
A local attacker can exploit a vulnerability in TianoCore EDK2 to conduct a denial of service attack.
An attacker can exploit multiple vulnerabilities in Python to execute arbitrary code or cause a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in NGINX and NGINX Plus to conduct a denial of service attack and potentially execute arbitrary code.
An attacker from the adjacent network or a remote, anonymous attacker can exploit multiple vulnerabilities in the EDK2 NetworkPkg IP stack implementation to execute arbitrary program code, disclose confidential information, and trigger a denial of service condition.
A remote, anonymous attacker can exploit a vulnerability in Python to bypass security mechanisms or achieve other effects.
A remote, anonymous attacker can exploit multiple vulnerabilities in Apache CXF to execute arbitrary program code, manipulate data, and disclose confidential information.
An attacker can exploit multiple vulnerabilities in Golang Go to gain elevated privileges, conduct cross-site scripting attacks, bypass security measures, or cause a denial-of-service condition.
A remote, anonymous attacker can exploit a vulnerability in Red Hat OpenShift Data Foundation to bypass security measures.
A remote, anonymous attacker can exploit a vulnerability in Python to bypass security measures.
A remote, anonymous attacker can exploit a vulnerability in Python to bypass security measures.
An attacker can exploit multiple vulnerabilities in Unbound to cause a denial of service state, potentially execute code, and cause unspecified impacts.
A remote, anonymous attacker can exploit a vulnerability in Python to carry out a Denial of Service attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in NGINX Open Source and NGINX Plus to bypass security measures, execute arbitrary code, manipulate data, disclose confidential information, or cause a denial-of-service condition.
A local attacker can exploit a vulnerability in Python to elevate their privileges.
A remote, anonymous attacker can exploit a vulnerability in CPython to carry out a Denial of Service attack.
A remote, anonymous attacker can exploit a vulnerability in Python to execute arbitrary program code.
An attacker can exploit a vulnerability in Python to execute arbitrary program code.
An attacker can exploit multiple vulnerabilities in Juniper JUNOS, JUNOS Evolved, Juniper EX Series, Juniper MX Series, Juniper QFX Series, and Juniper SRX Series to cause a Denial of Service condition, disclose information, execute code, and trigger undefined behavior.
A local attacker can exploit a vulnerability in Microsoft Malware Protection Engine and Microsoft Defender to elevate their privileges.
An attacker can exploit multiple vulnerabilities in Flowise to execute arbitrary code and to disclose information.
A remote, anonymous attacker can exploit a vulnerability in Ruby and Ruby on Rails to bypass security measures and execute arbitrary code.
An attacker can exploit multiple vulnerabilities in n8n to escalate privileges, disclose information, manipulate data, perform a Cross-Site Scripting attack, bypass security measures, and execute arbitrary code.
A remote, authenticated attacker can exploit multiple vulnerabilities in rclone to read and write arbitrary files, as well as disclose information and bypass security mechanisms.
A remote, authenticated attacker can exploit multiple vulnerabilities in GitLab to execute arbitrary code, perform Cross-Site Scripting, manipulate data, or disclose confidential information.
A remote, anonymous attacker can exploit a vulnerability in FreeRDP to execute arbitrary program code.
An attacker can exploit multiple vulnerabilities in LiteLLM to disclose information, manipulate data, execute code, and bypass security measures.
An attacker can exploit multiple vulnerabilities in Progress Software MOVEit to bypass security measures, perform a Denial of Service attack, and conduct a Cross-Site Scripting attack.
A remote, anonymous attacker can exploit multiple vulnerabilities in Mozilla Firefox to conduct unspecified attacks, potentially including code execution, bypassing security measures, disclosing or manipulating data, or causing Denial-of-Service conditions.
A remote, anonymous attacker can exploit multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, and Mozilla Thunderbird to execute arbitrary code, disclose information, bypass security restrictions (e.g., sandbox escape), deceive the user, escalate permissions, or caus…
An attacker can exploit multiple vulnerabilities in IBM Operational Decision Manager to execute arbitrary program code, escalate privileges, perform a Denial of Service attack, disclose information, manipulate files, and bypass security measures.
A remote, authenticated attacker can exploit multiple vulnerabilities in MISP to bypass security measures.
An attacker can exploit multiple vulnerabilities in MailPit to perform a Denial of Service attack.
A remote, authenticated attacker can exploit a vulnerability in RabbitMQ to disclose information.
A remote, authenticated attacker can exploit a vulnerability in OpenCTI to perform a Denial of Service attack.
An attacker can exploit multiple vulnerabilities in IBM Security Verify Access to gain elevated privileges, execute arbitrary code, bypass security measures, manipulate data, disclose sensitive information, and perform other unspecified attacks.
An attacker can exploit multiple vulnerabilities in Drupal to perform SQL injection attacks, bypass security measures, disclose confidential information, and conduct cross-site scripting attacks.
A remote, authenticated attacker can exploit a vulnerability in Wazuh to conduct a denial of service attack.
A remote, authenticated attacker can exploit a vulnerability in Bitwarden to bypass security measures.
An attacker from an adjacent network can exploit a vulnerability in Red Hat Enterprise Linux to execute arbitrary code with administrator rights.