📦 Codeready Linux Builder

A heap-based buffer overflow vulnerability in glib's g_escape_uri_string() function allows attackers to write beyond allocated memory boundaries when processing strings with many characters requiring ...

CVE-2025-3155 is a vulnerability in Yelp (the GNOME help application) that allows malicious help documents to execute arbitrary scripts. This could enable attackers to exfiltrate user files to externa...

CVE-2025-2784 is a heap buffer over-read vulnerability in libsoup's skip_insight_whitespace() function. When processing a malicious HTTP response, libsoup clients can read one byte beyond allocated me...

A race condition in SSSD (System Security Services Daemon) causes inconsistent application of Group Policy Object (GPO) policies for authenticated users. This can lead to improper authorization decisi...

This CVE allows any local process to modify Unbound DNS resolver's runtime configuration via port 8953 due to incorrect default permissions. Attackers can alter DNS forwarders to intercept or disrupt ...

CVE-2023-5633 is a use-after-free vulnerability in VMware's 3D acceleration memory handling that allows local unprivileged users within a VMware guest virtual machine to escalate privileges. This affe...

CVE-2023-4911 is a buffer overflow vulnerability in the GNU C Library's dynamic loader (ld.so) that allows local attackers to exploit SUID binaries. By crafting malicious GLIBC_TUNABLES environment va...

A buffer overflow vulnerability in the Linux Kernel's Netfilter subsystem allows local attackers to leak memory addresses and potentially execute arbitrary code. This could lead to local privilege esc...

CVE-2019-8720 is a memory corruption vulnerability in WebKit that allows arbitrary code execution when processing malicious web content. This affects any application using WebKit for web rendering, in...

CVE-2021-3697 is a heap buffer underflow vulnerability in GRUB2's JPEG parser that allows a crafted JPEG image to corrupt heap memory. Successful exploitation could lead to arbitrary code execution or...

A memory access vulnerability in the Linux kernel's i915 GPU driver allows local attackers to execute malicious GPU code, potentially causing system crashes or privilege escalation. This affects Linux...

A use-after-free vulnerability in the Linux kernel's FUSE filesystem allows a local attacker to trigger write() operations that can lead to unauthorized data access and privilege escalation. This affe...

CVE-2022-0847 (Dirty Pipe) is a Linux kernel vulnerability that allows unprivileged local users to write to read-only files in the page cache, enabling privilege escalation to root. This affects Linux...

A local privilege escalation vulnerability in the KVM subsystem for s390 architecture in Linux kernel allows a local attacker with normal user privileges to gain unauthorized memory write access. This...

This vulnerability in KVM's AMD SVM nested virtualization allows a malicious L1 guest to disable security intercepts for L2 guests, potentially enabling L2 guests to read/write host physical memory. T...

CVE-2022-0492 is a Linux kernel vulnerability in the cgroups v1 release_agent feature that allows local attackers to escalate privileges and escape container namespaces. This affects Linux systems usi...

CVE-2020-25717 is a privilege escalation vulnerability in Samba's domain user mapping mechanism. Authenticated attackers can exploit this flaw to gain elevated privileges on Samba servers. This affect...