510 matches found
CVE-2026-2743
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
CVE-2026-2743
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
CVE-2026-2743
SEPPmail UX: CVE-2026-2743 describes Arbitrary File Write via a Path Traversal in the Seppmail User Web Interface’s Large File Transfer feature, enabling Remote Code Execution on versions up to 15.0.2.1. The connected records confirm the affected product and the underlying vulnerability path but ...
CVE-2026-2743 SEPPmail User Web Interface Arbitrary File Write to RCE
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
CVE-2026-2743 SEPPmail User Web Interface Arbitrary File Write to RCE
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
CVE-2026-2743
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
Gogs(Go Git Service) 数据伪造问题漏洞
Gogs Go Git Service is a Go-based self-service Git hosting service developed by the Gogs team. It supports creating and migrating public/private repositories, as well as adding and removing repository collaborators. Prior to version 0.14.2 of Gogs Go Git Service, there was a data manipulation...
PT-2026-23410
Name of the Vulnerable Software and Affected Versions SeppMail versions prior to 15.0.2.1 Description The User Web Interface contains a flaw in the large file transfer LFT feature. This allows arbitrary file write via path traversal upload, which can lead to remote code execution. Path traversal ...
SEPPmail 路径遍历漏洞
SEPPmail is an email encryption and signature solution provided by the Swiss company SEPPmail. Versions of SEPPmail 15.0.2.1 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the large file transfer feature’s susceptibility to path traversal attacks, which coul...
PT-2026-23483
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.2 Description Gogs, a self-hosted Git service, has a flaw where Large File Storage LFS objects can be maliciously overwritten across different repositories. This is due to a lack of isolation in how LFS objects are...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...
RLSA-2026:2323 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2026:2323 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted...
git-lfs security update
3.4.1-7 - Rebuild with new Golang - Resolves: RHEL-140536...
RHEL 8 : git-lfs (RHSA-2026:2323)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:2323 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
SUSE CVE-2026-20897
Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories...
GO-2026-4363 Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea
Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea...
BIT-GITEA-2026-20897 Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR)
Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories...
EUVD-2026-4264
Gitea does not properly validate repository ownership when deleting Git LFS locks...