1207 matches found
ALSA-2025:16904 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs: export anoninodemakesecureinode and fix secretmem LSM bypass CVE-2025-38396 kernel: smb: client: fix use-after-free in cifsoplockbreak CVE-2025-38527 kernel: cifs: Fix the smbdrespons...
CVE-2025-10952
The CVE-2025-10952 entry concerns geyang ml-logger (ml_logger/server.py, stream_handler). The vulnerability arises from manipulation of the key argument in stream_handler, enabling information disclosure through a remote attack. Multiple sources confirm the flaw affects ml-logger and that no vers...
CVE-2025-10952 geyang ml-logger File server.py stream_handler information disclosure
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...
CVE-2025-10952 geyang ml-logger File server.py stream_handler information disclosure
A security flaw has been discovered in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this issue is the function streamhandler of the file mllogger/server.py of the component File Handler. Performing manipulation of the argument key results in information disclosure...
Exploit for Code Injection in Rejetto Http_File_Server
CVE-2014-6287 - Rejetto HTTP File Server RCE Exploit !Rust...
CVE-2022-50351
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscreate If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked...
Linux Distros Unpatched Vulnerability : CVE-2022-22936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. Job publishes and file server replies are susceptible to replay attacks,...
Rejetto HTTP File Server 2.3x < 2.3c RCE
The version of Rejetto HTTP File Server installed on the remote host is 2.3x prior to 2.3c. It is, therefore, affected by a remote code execution vulnerability. The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote...
CVE-2025-9654
A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0.3. Affected by this issue is some unknown functionality of the file server-simple.mjs. Performing manipulation results in command injection. The attack can be initiated remotely. Upgrading to version 1.0.4 and 1.1.0 can resolve...
CVE-2025-9654
CVE-2025-9654 affects the AiondaDotCom mcp-ssh package (up to 1.0.3) with a vulnerability in the file server-simple.mjs that allows remote command injection via manipulated input. The root cause is improper handling in the server-simple.mjs path that enables execution of system commands through u...
MCP SSH Agent 安全漏洞
MCP SSH Agent is an open source Model Context Protocol server for managing and controlling SSH connections from Aionda GmbH. A security vulnerability exists in MCP SSH Agent version 1.0.3 and earlier, which stems from a command injection in the file server-simple.mjs...
Exploit for External Control of File Name or Path in Microsoft
CVE-2025-33053 POC Exploit Overview The working director...
CVE-2010-20049
LeapFTP 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler SEH chain...
Linux Distros Unpatched Vulnerability : CVE-2023-32253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a...
CVE-2025-38567 nfsd: avoid ref leak in nfsd_open_local_fh()
In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsdopenlocalfh If two calls to nfsdopenlocalfh race and both successfully call nfsdfileacquirelocal, they will both get an extra reference to the net to accompany the file reference stored in pnf. One of...
Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure
Exploit Title: Microsoft Windows 10.0.19045 - NTLMv2 Hash Disclosure Date: 13/08/2025 Exploit Author: Ruben Enkaoua Author link: https://x.com/RubenLabs, https://github.com/rubenformation Original Blog: https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/...
CVE-2011-10010
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
CVE-2011-10010 QuickShare File Server 1.2.1 Path Traversal RCE
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
CVE-2011-10010 QuickShare File Server 1.2.1 Path Traversal RCE
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
QuickShare File Server 安全漏洞
QuickShare File Server is a file sharing server software from QuickShare, Inc. A security vulnerability exists in QuickShare File Server version 1.2.1, which stems from an improperly cleaned path to user-supplied files by the FTP service, which could lead to a path traversal attack...