Lucene search
K

3760 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source project created by Docker to enable software containerization. A bug was discovered in Moby Docker Engine where attempting to copy files using docker cp into a specially crafted container can result in changes to Unix file permissions for existing files in the host’s...

6.3CVSS6AI score0.0027EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Zabbix

During Zabbix installation from RPM, the DACOVERRIDE SELinux capability is used to access PID files in the /var/run/zabbix folder. In this case, processes of Zabbix Proxy or Server can bypass the file read, write, and execute permission checks at the file system level...

7.5CVSS7.5AI score0.00796EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Containerd

Containerd is a container runtime. A bug was discovered in containerd versions prior to 1.4.8 and 1.5.4, where pulling and extracting a specially crafted container image could result in changes to Unix file permissions for existing files in the host’s filesystem. Changes to file permissions could...

6.8CVSS6.3AI score0.01608EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Containerd

Containerd is an open-source container runtime that emphasizes simplicity, robustness, and portability. A bug was discovered in Containerd where container root directories and certain plugins had insufficiently restricted permissions, allowing unprivileged Linux users to access the contents of...

7.8CVSS6.4AI score0.00482EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in libzstd

In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. The correct file permissions matching the input would only be set at the time of completion. As a result, output files could be readable or writable by unintended parties...

5.5CVSS6AI score0.00431EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Fedora 44 : python-django5 (2026-9b7a6474a1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9b7a6474a1 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

9.8CVSS5.8AI score0.00879EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2026/05/19 4:19 p.m.12 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/18 7:3 p.m.42 views

CVE-2026-45246 Summarize < 0.15.1 Insecure File Permissions Information Disclosure

Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...

6.8CVSS0.00137EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/18 7:3 p.m.7 views

CVE-2026-45246 Summarize < 0.15.1 Insecure File Permissions Information Disclosure

Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...

6.8CVSS5.8AI score0.00137EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/18 7:3 p.m.9 views

CVE-2026-45246

Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...

6.8CVSS5.8AI score0.00137EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.9 views

Summarize 安全漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from insecure file permissions in the configuration rewritepath without refreshing, allowing local users to acces...

6.8CVSS5.8AI score0.00137EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.11 views

CVE-2026-42590

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

8.2CVSS5.9AI score0.0029EPSS
Exploits1References1
NVD
NVD
added 2026/05/14 4:16 p.m.35 views

CVE-2026-40893

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...

8.2CVSS0.00347EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/14 3:36 p.m.14 views

EUVD-2026-30316

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

8.2CVSS5.9AI score0.0029EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 3:36 p.m.8 views

CVE-2026-42590

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

8.2CVSS5.9AI score0.0029EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/13 3:48 a.m.10 views

SUSE CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/11 8:36 p.m.7 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.12 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
NVD
NVD
added 2026/05/11 4:17 p.m.21 views

CVE-2026-7819

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS0.00359EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 2:35 p.m.26 views

CVE-2026-7819

CVE-2026-7819 describes a symbolic-link path traversal in pgAdmin 4 File Manager. The vulnerability arises because check_access_permission used os.path.abspath (resolving ..) but not symbolic links, allowing an authenticated user to plant a symlink within their storage directory that points elsew...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder