Aggregator

Pear

Dark Feed IO
5 days 16 hours ago

You must login to view this content

cohenido

CVE-2026-31508 | Linux Kernel up to 6.19.10 netdev_destroy privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.19.10. The affected element is the function netdev_destroy. Executing a manipulation can lead to privilege escalation. This vulnerability is registered as CVE-2026-31508. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31504 | Linux Kernel up to 6.19.10 packet_release arr[] use after free (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability was found in Linux Kernel up to 6.19.10. It has been classified as critical. The impacted element is the function packet_release. The manipulation of the argument arr[] leads to use after free. This vulnerability is uniquely identified as CVE-2026-31504. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-31496 | Linux Kernel up to 6.19.10 netfilter nf_conntrack_expect privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability has been found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10 and classified as critical. The impacted element is the function nf_conntrack_expect of the component netfilter. Performing a manipulation results in privilege escalation. This vulnerability was named CVE-2026-31496. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2026-31495 | Linux Kernel up to 6.19.10 netfilter privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.19.10. This impacts an unknown function of the component netfilter. Such manipulation leads to privilege escalation. This vulnerability is listed as CVE-2026-31495. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2026-31503 | Linux Kernel up to 6.19.10 udp_lib_lport_inuse privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. Impacted is the function udp_lib_lport_inuse. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-31503. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-31473 | Linux Kernel up to 6.19.10 media media_request_ioctl_reinit use after free (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.19.10. This impacts the function media_request_ioctl_reinit of the component media. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2026-31473. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-31480 | Linux Kernel up to 6.19.10 tracing cpus_write_lock deadlock (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.19.10. Affected by this vulnerability is the function cpus_write_lock of the component tracing. The manipulation leads to deadlock. This vulnerability is traded as CVE-2026-31480. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31492 | Linux Kernel up to 6.19.10 free_qp initialization (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. The impacted element is the function free_qp. The manipulation results in improper initialization. This vulnerability is identified as CVE-2026-31492. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-31469 | Linux Kernel up to 6.19.10 virtio_net lib/percpu_counter.c free_old_xmit use after free (Nessus ID 313522)

Vuldb Updates
5 days 16 hours ago
A vulnerability was found in Linux Kernel up to 6.19.10 and classified as critical. This affects the function free_old_xmit in the library lib/percpu_counter.c of the component virtio_net. The manipulation results in use after free. This vulnerability is identified as CVE-2026-31469. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-33634 | aquasecurity setup-trivy/trivy-action/trivy up to 0.2.5 malicious code (GHSA-69fq-xp46-6x23)

Vuldb Updates
5 days 16 hours ago
A vulnerability marked as critical has been reported in aquasecurity setup-trivy, trivy-action and trivy up to 0.2.5. Impacted is an unknown function. The manipulation leads to embedded malicious code. This vulnerability is listed as CVE-2026-33634. The attack may be initiated remotely. In addition, an exploit is available. It is suggested to upgrade the affected component.
vuldb.com

Security Affairs newsletter Round 576 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs
5 days 16 hours ago
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Quasar Linux RAT (QLNX): A Fileless Linux Implant Built for Stealth and Persistence Braintrust security incident […]
Pierluigi Paganini

Lynx

Dark Feed IO
5 days 17 hours ago

You must login to view this content

cohenido

Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams

Help Net Security
5 days 17 hours ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in 2026 relies on mobile apps used alongside personal tools like banking and messaging. Ten widely used workplace apps, including Gmail, Microsoft Teams, Zoom, Slack, and Notion, have over 12.5 billion Google Play downloads. Research from Incogni shows these apps collect an average of 19 data points … More →

The post Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams appeared first on Help Net Security.

Help Net Security

CVE-2026-31466 | Linux Kernel up to 6.19.10 huge_memory softleaf_to_folio privilege escalation (Nessus ID 313522)

Vuldb Updates
5 days 17 hours ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.19.10. This affects the function softleaf_to_folio of the component huge_memory. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2026-31466. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-31458 | Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10 damon_sysfs_handle_cmd null pointer dereference (Nessus ID 313522 / WID-SEC-2026-1252)

Vuldb Updates
5 days 17 hours ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.130/6.12.79/6.18.20/6.19.10. Impacted is the function damon_sysfs_handle_cmd. The manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2026-31458. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2026-31453 | Linux Kernel up to 6.19.10 xfsaild_push_item null pointer dereference (Nessus ID 313522 / WID-SEC-2026-1252)

Vuldb Updates
5 days 17 hours ago
A vulnerability was found in Linux Kernel up to 6.1.167/6.6.130/6.12.79/6.18.20/6.19.10. It has been declared as critical. This affects the function xfsaild_push_item. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2026-31453. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad