CVE-2026-32761

CVE-2026-32761 affects the File Browser project (versions 2.61.0 and earlier). The issue is a permission enforcement bypass in the public share download flow: users with perm.share=true but perm.download=false can exfiltrate file contents by creating a public share link and accessing /api/public/...

MiracleLinux 8 : libsoup-2.62.3-7.el8_10 (AXSA:2025-9617:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9617:02 advisory. libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 Tenable has extracted the preceding description block directly...

PT-2025-32655 · Siemens · Sicam Q100 +1

Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extra...

PT-2025-32656 · Siemens · Sicam Q100 +1

Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices export the password for the SMTP account as plain text in the configuration file. This could allow an...

CVE-2024-29069

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

CVE-2024-29069 snapd will follow archived symlinks when unpacking a filesystem

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

DEBIAN-CVE-2024-1724

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...

PT-2024-18253 · Canonical +2 · Snapd +3

Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue arises when using AppArmor for enforcement of sandbox permissions in snapd. It failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to...

CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

PT-2024-6091 · Snapd +4 · Snapd +4

Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue is related to the improper checking of symbolic link destinations when extracting a snap. This could allow an attacker to convince a user to install a malicious snap, which in turn could cau...

Update of nss

Update to CKBI 2.62 from NSS 3.91 - Added: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...

Update of ca-certificates

update to CKBI 2.62 from NSS 3.91 - added new certificates: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...

[SECURITY] [DLA 1124-1] dnsmasq security update

Package : dnsmasq Version : 2.62-3+deb7u4 CVE ID : CVE-2017-14491 CVE-2017-14492 CVE-2017-14494 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and...

DSA-3251-1 dnsmasq - security update

Bulletin has no description...

PT-2010-1249 · Ssmtp +1 · Ssmtp +1

Name of the Vulnerable Software and Affected Versions: ssmtp versions 2.61 through 2.62 Description: The issue allows local users to cause an application exit via an e-mail message containing a long line that begins with a . dot character. This is considered a usability problem for senders of...

CVE-2003-1354

The CVE-2003-1354 issue concerns GameSpy 3D 2.62–compatible gaming servers that respond with very large UDP packets to tiny requests, enabling remote attackers to use these servers as an amplification vector for DDoS attacks with spoofed UDP query packets (illustrated by Battlefield 1942). The vu...

MiraksGalerie Multiple Remote File Include Vulnerabilities

miraksgalerie容易多偏远档案-包括脆弱性.这些问题都因未能妥善消毒的应用用户提供投入.攻击者可以利用一个任意偏远这些问题包括含有恶意PHP的档案资讯代码和执行方面的Web服务进程.这可能允许攻击者妥协的应用和基本制度; 其他攻击也是可能. mirakmiraksgalerie2.62 目前我们不知道有任何卖方供应贴片一下. 如果你觉得我们都知道,在最近的错误或资料,请邮件:[email protected]:[email protected] html head meta http-equiv="Content-Type"...

MiraksGalerie 2.62 - pcltar.lib.php Remote File Inclusion

MiraksGalerie 2.62 - pcltar.lib.php Remote File Inclusion MiraksGalerie //'=============================================================================================== //'Script Name: MiraksGalerie MiraksGalerie Target:http://target/scriptpathfont color="00FF00" size="2" face="Aria...

MiraksGalerie 2.62 - 'pcltar.lib.php' Remote File Inclusion

MiraksGalerie //'=============================================================================================== //'Script Name: MiraksGalerie MiraksGalerie Target:http://target/scriptpath...