227 matches found
CVE-2026-38993
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
CVE-2026-38993
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
CVE-2026-38993
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
PT-2026-35935
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
EUVD-2026-26243
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
Cockpit 路径遍历漏洞
Cockpit is an interactive server management interface developed by Cockpit OpenSource. Versions of Cockpit 2.13.5 and earlier had a path traversal vulnerability, which was caused by directory traversal in the Buckets component. This vulnerability could lead to arbitrary file writing...
CVE-2026-38993
CVE-2026-38993 affects Cockpit up to version 2.13.5. The Buckets component enables directory traversal, allowing an authenticated attacker to write files to arbitrary locations within the uploads directory or replace assets with malicious versions. Public references (Red Hat, GHSA, OSV, Snyk, and...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Buckets component. An attacker can modify or overwrite files in arbitrary locations within the uploads directory by submitting crafted input that exploits directory traversal sequences. Details A Directory...
CVE-2026-38993
Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...
netfilter: ipset: drop logically empty buckets in mtype_del
...
SUSE CVE-2026-31418
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
UBUNTU-CVE-2026-31418
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
CVE-2026-31418 netfilter: ipset: drop logically empty buckets in mtype_del
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
CVE-2026-31418
CVE-2026-31418 is a Linux kernel vulnerability in netfilter/ipset mtype_del where drop of empty buckets is not performed correctly, leaving buckets with only deleted entries when n->pos points past them. The fix changes how a bucket is treated as empty: release the bucket directly when all pos...
CVE-2026-31418
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
CVE-2026-31418 netfilter: ipset: drop logically empty buckets in mtype_del
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
CVE-2026-31418
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
CVE-2026-31418
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtypedel function not properly deleting logical empty buckets, potentially leading to memory...
PT-2026-32344
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ipset component where the mtype del function fails to drop logically empty buckets. The function counts empty slots below n-pos in k, but only drops the...