
350 matches found

OSV
added 2025/01/22 5:15 a.m. | 1 view

AZL-55959 CVE-2024-11218 affecting package buildah for versions less than 1.41.4-2

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

CVSS 8.6 | AI score 5.8 | EPSS 0.00358
Exploits: 0 | References: 1

OSV
added 2025/01/22 5:15 a.m. | 1 view

AZL-55953 CVE-2024-11218 affecting package podman for versions less than 5.6.1-2

A vulnerability was found in podman build and buildah. This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the hos...

CVSS 8.6 | AI score 7.1 | EPSS 0.00358
Exploits: 0 | References: 1

CNNVD
added 2025/01/22 12:00 a.m. | 2 views

Buildah security vulnerability

Buildah is an open source tool for building OCI container images. A security vulnerability exists in Buildah that stems from building a malicious Containerfile using --jobs=2 and a race condition, leading to container escape and host file enumeration...

CVSS 8.6 | AI score 7.1 | EPSS 0.00358
Exploits: 0 | References: 3

Amazon
added 2025/01/22 12:00 a.m. | 3 views

Important: rsync

Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...

CVSS 7.5 | AI score 7.5 | EPSS 0.09353
Exploits: 4

Amazon
added 2025/01/17 12:00 a.m. | 19 views

Important: rsync

Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...

CVSS 7.5 | AI score 7.3 | EPSS 0.09353
Exploits: 4

Tenable Nessus
added 2025/01/17 12:00 a.m. | 42 views

Amazon Linux 2 : rsync (ALAS-2025-2731)

The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2731 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an...

CVSS 7.5 | AI score 7.5 | EPSS 0.09353
Exploits: 4 | References: 12

Tenable Nessus
added 2025/01/17 12:00 a.m. | 21 views

Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2025-801)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-801 advisory. A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison...

CVSS 7.5 | AI score 7.4 | EPSS 0.09353
Exploits: 4 | References: 12

OSV
added 2025/01/16 1:15 p.m. | 3 views

CVE-2025-0472

Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the internal files of a machine by looking at the request response...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/16 1:03 p.m. | 12 views

CVE-2025-0472 Information exposure vulnerability in PMB platform

Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the internal files of a machine by looking at the request response...

CVSS 7.5 | AI score 6.8 | EPSS 0.00479
Exploits: 0 | References: 1

CVE
added 2025/01/16 1:03 p.m. | 55 views

CVE-2025-0472

The connected sources confirm a CVE-2025-0472 information-exposure vulnerability in the PMB platform, affecting versions up to 4.2.13. The issue allows an attacker to upload a file to the environment and enumerate internal machine files by inspecting the request response. The root cause is descri...

CVSS 7.5 | AI score 7 | EPSS 0.00479
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2025/01/16 12:00 a.m. | 2 views

PMB platform information disclosure vulnerability

PMB platform is a free document management software from PMB Inc. An information disclosure vulnerability exists in PMB platform versions 4.0.10 through 4.2.13, which stems from the presence of an information disclosure issue that could allow an attacker to upload a file to the environment and...

CVSS 7.5 | AI score 6.3 | EPSS 0.00479
Exploits: 0 | References: 1

NVD
added 2025/01/14 6:15 p.m. | 2 views

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 | EPSS 0.01761
Exploits: 1 | References: 10

OSV
added 2025/01/14 6:15 p.m. | 5 views

AZL-55685 CVE-2024-12086 affecting package rsync for versions less than 3.4.1-1

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 | AI score 6.9 | EPSS 0.01761
Exploits: 1 | References: 1

Debian CVE
added 2025/01/14 5:37 p.m. | 10 views

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 | AI score 8 | EPSS 0.01761
Exploits: 1

CNNVD
added 2025/01/14 12:00 a.m. | 2 views

Rsync security vulnerability

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync has a security vulnerability that stems from improper checksum comparisons, resulting in the server being able to enumerate the contents of arbitrary files on the clien...

CVSS 6.8 | AI score 8 | EPSS 0.01761
Exploits: 1 | References: 6

OSV
added 2025/01/11 3:15 a.m. | 3 views

CVE-2025-0106

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

CVSS 5.3 | AI score 5.8 | EPSS 0.00466
Exploits: 0 | References: 1

NVD
added 2025/01/11 3:15 a.m. | 9 views

CVE-2025-0106

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

CVSS 6.9 | EPSS 0.00466
Exploits: 0 | References: 1

Cvelist
added 2025/01/11 3:02 a.m. | 17 views

CVE-2025-0106 Expedition: Wildcard Expansion Vulnerability

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

CVSS 6.9 | EPSS 0.00466
Exploits: 0 | References: 1

CVE
added 2025/01/11 3:02 a.m. | 50 views

CVE-2025-0106

CVE-2025-0106 is a wildcard expansion vulnerability in Palo Alto Networks Expedition. An unauthenticated attacker can enumerate files on the host filesystem via the Expedition tool’s wildcard expansion handling. Affected product: Palo Alto Networks Expedition. Root cause: wildcard expansion issue...

CVSS 6.9 | AI score 6.6 | EPSS 0.00466
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/01/11 3:02 a.m. | 17 views

CVE-2025-0106 Expedition: Wildcard Expansion Vulnerability

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

CVSS 6.9 | AI score 6.9 | EPSS 0.00466
Exploits: 0 | References: 1