Lucene search
K

20 matches found

Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-54591 AsyncSSH: SCP Path Traversal to Arbitrary File Write

AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the asyncssh SCP client's filesystem by sending filenames containing ../...

8.1CVSS0.00317EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53154

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore reservation on error in hugetlb folio copy paths Two sites in mm/hugetlb.c allocate a hugetlb folio via allochugetlbfolio consuming a VMA reservation and then call copyuserlargefolio, which became int-returnin...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.17 views

CVE-2026-39360

RustFS is a distributed object storage system built in Rust. Prior to alpha.90, RustFS contains a missing authorization check in the multipart copy path UploadPartCopy. A low-privileged user who cannot read objects from a victim bucket can still exfiltrate victim objects by copying them into an...

5.3CVSS5.4AI score0.00201EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.11 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: DATA/RESPONSE packets are also unshared when paged fragments are present. The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb into a linear sequence before calling...

7.8CVSS6.9AI score0.92766EPSS
Exploits20References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

Dokploy 安全漏洞

Dokploy is an open-source software developed by Dokploy itself. Versions of Dokploy prior to 0.29.1 contain security vulnerabilities. These vulnerabilities stem from the destinationPath parameter in the Docker file upload function not being properly cleaned and directly inserted into the shell...

9.9CVSS6.1AI score0.00866EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/21 5:11 p.m.10 views

androidqf: APK download Path Traversal in device APK paths

Summary During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...

5.9AI score
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/11 8:16 a.m.41 views

CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS0.92766EPSS
Exploits20References9
Vulnrichment
Vulnrichment
added 2026/05/11 6:26 a.m.16 views

CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References5
NVD
NVD
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS0.00343EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/04 1:56 a.m.7 views

CVE-2025-50189

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resourcedocumentSQLINJECTIONHERE and POST login parameters found in /main/coursecopy/copycoursesessionselected.php, which allows an attack...

8.8CVSS5.9AI score0.00733EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/02 2:49 p.m.7 views

EUVD-2025-208158

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resourcedocumentSQLINJECTIONHERE and POST login parameters found in /main/coursecopy/copycoursesessionselected.php, which allows an attack...

7.2CVSS5.9AI score0.00733EPSS
Exploits1References5
NVD
NVD
added 2026/01/06 6:15 p.m.3 views

CVE-2025-15382

A heap buffer over-read vulnerability exists in the wolfSSHCleanPath function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte...

8.1CVSS0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1498

Name of the Vulnerable Software and Affected Versions wolfSSH affected versions not specified Description A heap buffer over-read issue exists in the wolfSSH CleanPath function within wolfSSH. A remote attacker with authentication can trigger this by providing specially crafted SCP path input tha...

5.1CVSS6.9AI score0.00302EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.4 views

PT-2025-49421

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.12+deb14-cloud-amd64 1 Description The Linux kernel contained a flaw in the xsk XDP socket subsystem related to descriptor number handling on completion queues. A commit 30f241fcf52a initially introduced an...

9.8CVSS6.3AI score0.00378EPSS
Exploits7References213
OSV
OSV
added 2025/10/04 4:15 p.m.2 views

UBUNTU-CVE-2023-53606

In the Linux kernel, the following vulnerability has been resolved: nfsd: clean up potential nfsdfile refcount leaks in COPY codepath There are two different flavors of the nfsd4copy struct. One is embedded in the compound and is used directly in synchronous copies. The other is dynamically...

5.5CVSS5.7AI score0.00135EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/06/19 3:42 a.m.3 views

SUSE CVE-2022-50069

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpfattr pointer as well as the insn...

5.5CVSS5.8AI score0.002EPSS
Exploits0References3
OSV
OSV
added 2024/11/14 5:15 a.m.10 views

UBUNTU-CVE-2023-34049

The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...

6.7CVSS7.3AI score0.00187EPSS
Exploits0References3
OSV
OSV
added 2024/03/11 6:15 p.m.2 views

DEBIAN-CVE-2024-26611

In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...

5.5CVSS5.5AI score0.00238EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: nfsd: clean up potential nfsd_file refcount leaks in COPY codepath

A reference leak flaw was found in the Linux kernel's NFS server implementation in the file copy operation handling. A local user can trigger this issue when asynchronous copy operations fail to create worker threads, causing nfsdfile references held by the embedded copy structure to leak. This...

5.5CVSS7.1AI score0.00135EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/04 1:0 a.m.5 views

libssh: unsanitized location in scp could lead to unwanted command execution

A flaw was found with the libssh API function sshscpnew. A user able to connect to a server using SCP could execute arbitrary command using a user-provided path, leading to a compromise of the remote target...

9.3CVSS7.4AI score0.0316EPSS
Exploits0References5
Rows per page
Query Builder