72 matches found

CVE
added 2026/04/23 3:52 a.m., 15 views

CVE-2026-41231

Froxlor prior to 2.3.6 has an incomplete symlink validation in DataDump.add() that uses user-supplied input to build the export path without passing fixed_homedir to FileDir::makeCorrectDir(), bypassing the symlink checks added elsewhere. When ExportCron runs as root, it performs chown -R on the ...

7.5 CVSS, 5.9 AI score, 0.00414 EPSS
Exploits: 1, References: 3, Affected Software: 1
Vulnrichment
added 2026/04/23 3:52 a.m., 4 views

CVE-2026-41231 Froxlor has Incomplete Symlink Validation in DataDump.add() that Allows Arbitrary Directory Ownership Takeover via Cron

Froxlor is open source server administration software. Prior to version 2.3.6, DataDump.add constructs the export destination path from user-supplied input without passing the $fixedhomedir parameter to FileDir::makeCorrectDir, bypassing the symlink validation that was added to all other...

7.5 CVSS, 7.5 AI score, 0.00414 EPSS
Exploits: 1, References: 3
CNNVD
added 2026/04/23 12:0 a.m., 8 views

Froxlor link following vulnerability

Froxlor is a set of lightweight server management software developed by the Froxlor team. Versions of Froxlor prior to 2.3.6 had a link following vulnerability. This vulnerability stemmed from the DataDump.add function not passing the $fixedhomedir parameter when constructing the export...

7.5 CVSS, 5.8 AI score, 0.00414 EPSS
Exploits: 1, References: 1
Tenable Nessus
added 2026/01/28 12:0 a.m., 5 views

openSUSE 16 Security Update : php8 (openSUSE-SU-2026:20113-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20113-1 advisory. Version update to 8.4.16: Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when...

8.2 CVSS, 6.1 AI score, 0.00573 EPSS
Exploits: 4, References: 10
OSV
added 2025/10/27 1:11 p.m., 4 views

SUSE-SU-2025:3809-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 - fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091...

6.7 CVSS, 5.8 AI score, 0.00194 EPSS
Exploits: 1, References: 4
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-13324

Malware in sbrugna...

10 CVSS, 9.1 AI score, 0.01499 EPSS
Exploits: 0, References: 9
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2009-1596

Malware in sbrugna...

6.8 CVSS, 6.3 AI score, 0.00322 EPSS
Exploits: 0, References: 6
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2009-2892

Malware in sbrugna...

6.9 CVSS, 7.3 AI score, 0.00318 EPSS
Exploits: 0, References: 15
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2011-1028

Malware in sbrugna...

6.9 CVSS, 6.1 AI score, 0.00368 EPSS
Exploits: 0, References: 19
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-0321

Malware in sbrugna...

4.4 CVSS, 4.4 AI score, 0.00329 EPSS
Exploits: 0, References: 12
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2020-5372

Malware in sbrugna...

9 CVSS, 8.6 AI score, 0.01891 EPSS
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-25306

Malicious code in bioql PyPI...

7.5 CVSS, 6.4 AI score, 0.00109 EPSS
Exploits: 0, References: 1
CNVD
added 2025/08/27 12:0 a.m., 3 views

JetBrains TeamCity Elevation of Privilege Vulnerability

JetBrains TeamCity is a continuous integration (CI/CD) tool developed by JetBrains, Inc. to automate the software build, test and deployment process. JetBrains TeamCity suffers from an elevation of privilege vulnerability that stems from incorrect directory ownership, and no details of the...

7.5 CVSS, 7.2 AI score, 0.00109 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/08/22 9:32 a.m., 7 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

7.5 CVSS, 7.5 AI score, 0.00109 EPSS
Exploits: 0, References: 1
OSV
added 2025/08/20 10:15 a.m., 3 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

6.3 CVSS, 5.8 AI score, 0.00109 EPSS
Exploits: 0, References: 1
NVD
added 2025/08/20 10:15 a.m., 6 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

7.5 CVSS, 0.00109 EPSS
Exploits: 0, References: 1
ATTACKERKB
added 2025/08/20 9:14 a.m., 3 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

7.5 CVSS, 5.8 AI score, 0.00109 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2025/08/20 9:14 a.m., 3 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

7.5 CVSS, 6.8 AI score, 0.00109 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/08/20 9:14 a.m., 6 views

CVE-2025-57732

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership...

7.5 CVSS, 0.00109 EPSS
Exploits: 0, References: 1
CVE
added 2025/08/20 9:14 a.m., 26 views

CVE-2025-57732

CVE-2025-57732 affects JetBrains TeamCity prior to version 2025.07.1. The root cause is incorrect directory ownership that enables local privilege escalation. Impact is described as high in multiple sources; exploitation is local with no user interaction required. Remediation: upgrade to 2025.07....

7.5 CVSS, 7.4 AI score, 0.00109 EPSS
Exploits: 0, References: 1, Affected Software: 1