Lucene search
K

46 matches found

RedHat Linux
RedHat Linux
added 3 days ago4 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago4 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago2 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/23 8:0 a.m.10 views

CVE-2026-44171

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 11:50 a.m.5 views

BIT-MYSQL-CLIENT-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 6:16 p.m.11 views

CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS0.00135EPSS
Exploits0References2
OSV
OSV
added 2026/06/12 6:16 p.m.6 views

ALPINE-CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 5:33 p.m.40 views

CVE-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS0.00135EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 5:33 p.m.9 views

CVE-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.4AI score0.00135EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 5:33 p.m.26 views

CVE-2026-44171

CVE-2026-44171 describes a path traversal vulnerability in MariaDB’s mbstream during archive extraction. Affected releases are MariaDB server branches: 10.6.1–10.6.25, 10.11.1–10.11.16, 11.4.1–11.4.10, 11.8.1–11.8.6, and 12.3.1. A crafted archive could cause mbstream to create files outside the i...

7.8CVSS5.2AI score0.00135EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/12 5:33 p.m.11 views

EUVD-2026-36516

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.2AI score0.00135EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/12 5:33 p.m.12 views

CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References2
OSV
OSV
added 2026/01/12 5:39 p.m.6 views

GO-2026-4278 HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad

HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad...

8.6CVSS6.9AI score0.00388EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2459

Malicious code in bioql PyPI...

5.8CVSS6.3AI score0.00333EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-7625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation...

5.8CVSS5.4AI score0.00333EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.6 views

CVE-2024-7625

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability,...

5.8CVSS6.6AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.12 views

CVE-2024-24940

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives...

4.3CVSS6.9AI score0.00275EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.3 views

Progress Telerik UI 路径遍历漏洞

Progress Telerik UI is a suite of UI user interface controls for application development from Progress, Inc. A path traversal vulnerability exists in Progress Telerik UI prior to version 2025 Q1, which stems from the fact that the use of improper destination path restrictions could result in the...

9.8CVSS6.5AI score0.00374EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 3:6 a.m.7 views

CVE-2024-6717

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2...

7.7CVSS6.7AI score0.00388EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/13 12:0 a.m.3 views

PT-2024-41143 · 7 Zip · 7-Zip

Name of the Vulnerable Software and Affected Versions: 7-Zip affected versions not specified Description: The issue is related to a flaw in the Mark-of-the-Web protection mechanism of 7-Zip, which can lead to data protection violations. Exploitation of this issue may allow an attacker to execute...

4.3CVSS7.8AI score
Exploits0References1
Rows per page
Query Builder