1146 matches found
[SECURITY] [DLA 4657-1] sogo security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4657-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 29, 2026 https://wiki.debian.org/LTS -...
CVE-2026-54370
acl before version 2.4.0 contains a time-of-check to time-of-use TOCTOU race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat check and subsequent symlink-following operations such as stat, chown,...
CVE-2026-54369
acl before version 2.4.0 contains a symlink traversal vulnerability in the libacl pathname-based functions aclgetfile, aclsetfile, aclextendedfile, and acldeletedeffile that allows local attackers to escalate privileges by replacing any pathname component with a symbolic link. Attackers who contr...
CVE-2026-54370
A time-of-check to time-of-use TOCTOU race condition vulnerability was found in acl. By replacing a pathname component with a symbolic link between a security check and subsequent file operations, an attacker can redirect file access control list operations. This occurs when privileged processes...
CVE-2026-54369
A flaw was found in the acl package, specifically within its libacl pathname-based functions. A local attacker could exploit this vulnerability by using a symbolic link to replace a pathname component. This could allow the attacker to redirect access control list ACL read or write operations to...
CVE-2026-54370
CVE-2026-54370 affects acl before version 2.4.0, introducing a TOCTOU race where an attacker-controlled pathname component can replace a component with a symlink between an lstat() check and subsequent operations (stat, chown, chmod, acl_get_file, acl_set_file). This enables local privilege escal...
CVE-2026-46549
CVE-2026-46549 affects NocoDB. Prior to version 2026.04.1, the OAuth token strategy attached oauth_scope and oauth_granted_resources to the request user, but the ACL middleware did not enforce them. This allowed an OAuth token with a restricted scope to inherit the underlying user’s full permissi...
EUVD-2026-38426
Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. A user with sufficient privileges can create a malformed ACL selector, which, when accessed, triggers a server panic and subsequent denial of service. This issue exists in Redis version 7, before versions 7.2.6 and 7.4.1. Use...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. In versions prior to 8.0.3, as well as in 7.4.5, 7.2.10, and 6.2.19, an authenticated user could use a specially crafted string to trigger an out-of-bounds write operation on the hyperloglog data structure, potentially leadin...
Astra Linux – Vulnerability in libarchive
An improper link resolution flaw during the extraction of an archive can cause changes to the access control list ACL of the target of the link. An attacker may provide a malicious archive to a victim user, triggering this flaw when the victim tries to extract the archive. A local attacker may...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The reference count leak in smbcheckpermdacl has been fixed. The issue occurs in a specific part of smbcheckpermdacl. When “id” and “uid” have the same value, the function simply jumps out of the loop without decrementing...
Astra Linux – Vulnerability in Redis
Redis is an open-source, in-memory database that persists data on disk. A integer overflow bug in the underlying string library can be exploited to corrupt the heap, potentially leading to denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-l...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumacltcam: Fixed stack corruption When tc filters are first added to a network device, the corresponding local port is bound to an ACL group within the device. This group contains a list of ACLs. Each ACL points t...
Astra Linux – Vulnerability in Samba
A vulnerability was discovered in Samba. A delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object’s creation. This issue arises because the administrator...
Linux Distros Unpatched Vulnerability : CVE-2026-12528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger...
BIT-PARSE-2026-53726 Parse Server: Relation `$relatedTo` query bypasses `protectedFields` and owning-object ACL
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.80 and 9.9.1, a relation query using the $relatedTo operator could read the membership of a Relation field even when that field was hidden from the requesting client by...
EUVD-2025-210138
Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16...
CVE-2026-6211
Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33...
Chisel has an ACL Bypass via Post-Handshake SSH Channel ExtraData Injection
Summary Authenticated chisel clients can bypass --authfile ACL restrictions and tunnel traffic to arbitrary destinations reachable from the server. The ACL is enforced only during the initial handshake against declared remotes, but never on subsequent SSH channels that carry actual traffic. A...