CVE-2021-20316

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share...

DEBIAN-CVE-2021-20316

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share...

Design/Logic Flaw

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share...

CVE-2021-20316

A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share...

Huawei EulerOS: Security Advisory for aide (EulerOS-SA-2022-2046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.0 : aide (EulerOS-SA-2022-1625)

According to the versions of the aide package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs...

jsgui-node-file-metadata (=0.3.8), jsgui-node-fs2-core (>=0.1.0 <=0.1.5) +7 more potentially affected by CVE-2022-25301 via jsgui-lang-essentials (>=0.3.8 <=0.4.3)

jsgui-lang-essentials NPM version =0.3.8, =0.1.0, =0.1.0, =0.1.0, =0.3.8, =0.3.8, =0.3.35 Source cves: CVE-2022-25301 Source advisory: OSV:GHSA-P3PG-64PV-V7JG...

Huawei EulerOS: Security Advisory for aide (EulerOS-SA-2022-1421)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 8 : aide (ALSA-2022:0441)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:0441 advisory. - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based...

USN-5291-1 libarchive vulnerabilities

It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. CVE-2021-23177, CVE-2021-31566 It was...

Information Disclosure

Drupal is vulnerable to information disclosure. File metadata of a permanent private file can be accessed by an attacker who can guess ID of the file...

Exposure of Resource to Wrong Sphere in Drupal Core

Information Disclosure vulnerability in file module of Drupal Core allows an attacker to gain access to the file metadata of a permanent private file that they do not have access to by guessing the ID of the file. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prio...

Rocky Linux 8 : aide (RLSA-2022:441)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:441 advisory. - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based...

Debian DLA-2894-1 : aide - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2894 advisory. David Bouman discovered a heap-based buffer overflow vulnerability in the base64 functions of aide, an advanced intrusion detection system, which can be triggered via large...

Privilege Escalation

aide is vulnerable to privilege escalation. An attacker can obtain root privileges via crafted file metadata, because of a heap-based buffer overflow...

SUSE SLED15 / SLES15 Security Update : aide (SUSE-SU-2022:0150-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0150-1 advisory. - AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpf...

DEBIAN-CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer overflow...

CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer overflow...

Heap overflow

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer overflow...

CVE-2021-45417

AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata such as XFS extended attributes or tmpfs ACLs, because of a heap-based buffer overflow...