Lucene search
K

136 matches found

CNNVD
CNNVD
added 2025/08/22 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in f2fs that could lead to out-of-bounds access when devs.path length equals MAXPATHLEN...

7.1CVSS8AI score0.00164EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/08/21 12:0 a.m.4 views

EasyFTP 安全漏洞

EasyFTP is an easy-to-use FTP service. A security vulnerability exists in EasyFTP 1.7.0.11 and earlier versions, which stems from a failure to validate the length of a path parameter when processing a GET request, which could result in a stack buffer overflow...

9.8CVSS7AI score0.01463EPSS
Exploits1References4
CVE
CVE
added 2025/08/19 5:3 p.m.49 views

CVE-2025-38614

The CVE-2025-38614 entry describes a Linux kernel vulnerability in eventpoll where recursion depth in ep_loop_check_proc() could form deep trees and trigger semi-unbounded recursion. The root cause involved two shortcomings: (1) the depth checks did not consider upward paths, and (2) multiple dow...

5.5CVSS7AI score0.00153EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2025/08/19 5:3 p.m.16 views

CVE-2025-38614 eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

0.00153EPSS
Exploits0References7
OSV
OSV
added 2025/08/11 1:53 p.m.5 views

BIT-LIBPHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

8.1CVSS7AI score0.01242EPSS
Exploits1References3
Snyk
Snyk
added 2025/07/02 12:0 a.m.2 views

Buffer Under-read

Overview Affected versions of this package are vulnerable to Buffer Under-read via the gettmpfile function of glib/gfileutils.c due to improper validation of file path lengths during temporary file operations. An attacker can manipulate file paths and access unauthorized data by supplying symboli...

4.9CVSS7AI score0.0037EPSS
Exploits0References2
Amazon
Amazon
added 2025/03/06 12:0 a.m.6 views

Important: kernel

Issue Overview: Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allows Forced Integer Overflow. CVE-2024-23307 In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify...

7.8CVSS6.6AI score0.0059EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/01/12 12:15 a.m.5 views

SUSE CVE-2024-53685

In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATHMAX If the full path to be built by cephmdscbuildpath happens to be longer than PATHMAX, then this function will enter an endless retry loop, effectively blocking the whole task. Most of the...

5.5CVSS7.6AI score0.00217EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/01/11 12:35 p.m.14 views

CVE-2024-53685 ceph: give up on paths longer than PATH_MAX

In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATHMAX If the full path to be built by cephmdscbuildpath happens to be longer than PATHMAX, then this function will enter an endless retry loop, effectively blocking the whole task. Most of the...

0.00217EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-34413

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to out-of-boundary access within the f2fs filesystem when handling device paths. Specifically, if the device path length reaches MAX PATH LEN,...

7.1CVSS7AI score0.00164EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/12/11 4:20 p.m.3 views

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

8.1CVSS7.5AI score0.01242EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/05/18 12:30 a.m.17 views

Tor path lengths too short when "full Vanguards" configured

In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...

7.3CVSS7.1AI score0.00298EPSS
Exploits0References9Affected Software2
SUSE CVE
SUSE CVE
added 2024/04/18 2:30 a.m.5 views

SUSE CVE-2024-26818

In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...

5.5CVSS6.9AI score0.00225EPSS
Exploits0References3
OSV
OSV
added 2024/04/17 10:15 a.m.1 views

DEBIAN-CVE-2024-26818

In the Linux kernel, the following vulnerability has been resolved: tools/rtla: Fix clang warning about mountpoint var size clang is reporting this warning: $ make HOSTCC=clang CC=clang LLVMIAS=1 ... clang -O -g -DVERSION="6.8.0-rc3" -flto=auto -fexceptions -fstack-protector-strong...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/12 12:0 a.m.5 views

PT-2024-7734 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel version 6.8.0-rc3 Description: The issue is related to a potential buffer overflow in the fscanf function, which may occur when the mount point variable is used. The warning is reported by clang, indicating that the destination...

7.8CVSS7.1AI score0.01287EPSS
Exploits1References318
RedHat Linux
RedHat Linux
added 2024/01/24 9:59 a.m.3 views

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

8.1CVSS7.5AI score0.01242EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2023/10/19 1:33 p.m.5 views

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

8.1CVSS7.5AI score0.01242EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.3 views

SUSE CVE-2013-0767

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary...

10CVSS9.3AI score0.05815EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.2 views

SUSE CVE-2020-8252

The implementation of realpath in libuv 10.22.1, 12.18.4, and 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes...

8.1CVSS7.1AI score0.00714EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.6 views

SUSE CVE-2020-29482

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must access paths in guests' namespaces, necessarily usi...

6CVSS6.7AI score0.00385EPSS
Exploits0References3
Rows per page
Query Builder