Lucene search
+L

227 matches found

Vulnrichment
Vulnrichment
added 2026/04/29 12:0 a.m.3 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

5.4AI score0.00835EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/29 12:0 a.m.3 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

5.5AI score0.00835EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/29 12:0 a.m.30 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

0.00835EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-35935

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

5.4AI score0.00835EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/29 12:0 a.m.6 views

EUVD-2026-26243

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

6.5CVSS5.5AI score0.00835EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.11 views

Cockpit 路径遍历漏洞

Cockpit is an interactive server management interface developed by Cockpit OpenSource. Versions of Cockpit 2.13.5 and earlier had a path traversal vulnerability, which was caused by directory traversal in the Buckets component. This vulnerability could lead to arbitrary file writing...

6.5CVSS5.9AI score0.00835EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 12:0 a.m.15 views

CVE-2026-38993

CVE-2026-38993 affects Cockpit up to version 2.13.5. The Buckets component enables directory traversal, allowing an authenticated attacker to write files to arbitrary locations within the uploads directory or replace assets with malicious versions. Public references (Red Hat, GHSA, OSV, Snyk, and...

8.1CVSS5.5AI score0.00835EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/29 12:0 a.m.6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Buckets component. An attacker can modify or overwrite files in arbitrary locations within the uploads directory by submitting crafted input that exploits directory traversal sequences. Details A Directory...

8.1CVSS6.3AI score0.00835EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 12:0 a.m.2 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

6.5CVSS6AI score0.00835EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2026/04/14 8:2 a.m.7 views

netfilter: ipset: drop logically empty buckets in mtype_del

...

8.1CVSS6.2AI score0.0012EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/13 11:26 p.m.6 views

SUSE CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References3
OSV
OSV
added 2026/04/13 2:16 p.m.6 views

UBUNTU-CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS6AI score0.0012EPSS
Exploits0References22
Cvelist
Cvelist
added 2026/04/13 1:21 p.m.31 views

CVE-2026-31418 netfilter: ipset: drop logically empty buckets in mtype_del

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

0.0012EPSS
Exploits0References8
CVE
CVE
added 2026/04/13 1:21 p.m.45 views

CVE-2026-31418

CVE-2026-31418 is a Linux kernel vulnerability in netfilter/ipset mtype_del where drop of empty buckets is not performed correctly, leaving buckets with only deleted entries when n->pos points past them. The fix changes how a bucket is treated as empty: release the bucket directly when all pos...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References10Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/13 1:21 p.m.3 views

CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.9AI score0.0012EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/04/13 1:21 p.m.2 views

CVE-2026-31418 netfilter: ipset: drop logically empty buckets in mtype_del

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2026/04/13 1:21 p.m.4 views

CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS5.2AI score0.0012EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/04/13 12:0 a.m.6 views

CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS6.1AI score0.0012EPSS
Exploits0References21
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtypedel function not properly deleting logical empty buckets, potentially leading to memory...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.7 views

PT-2026-32344

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ipset component where the mtype del function fails to drop logically empty buckets. The function counts empty slots below n-pos in k, but only drops the...

5.5CVSS5.8AI score0.0012EPSS
Exploits0
Rows per page
Query Builder