Lucene search
+L

8 matches found

euvd
euvd
added 2026/07/06 7:54 p.m.8 views

EUVD-2026-24992

install: TOCTOU symlink race unlink-then-create without OEXCL allows arbitrary file overwrite...

6.3CVSS6AI score0.00118EPSS
Exploits1References5
osv
osv
added 2026/04/22 6:31 p.m.10 views

GHSA-V24V-F45G-W7JF Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-239g-2685-54x3. This link is maintained to preserve external references. Original Description The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during...

6.3CVSS6AI score0.00118EPSS
Exploits1References5
github
github
added 2026/04/22 6:31 p.m.8 views

Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-239g-2685-54x3. This link is maintained to preserve external references. Original Description The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during...

6.3CVSS6AI score0.00118EPSS
Exploits1References5Affected Software1
nvd
nvd
added 2026/04/22 5:16 p.m.8 views

CVE-2026-35355

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the OEXCL flag. A local attacker can exploit t...

6.3CVSS0.00118EPSS
Exploits1References2
attackerkb
attackerkb
added 2026/04/22 4:8 p.m.6 views

CVE-2026-35355

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the OEXCL flag. A local attacker can exploit t...

6.3CVSS5.8AI score0.00118EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/01/08 12:0 a.m.13 views

PT-2026-2143

Name of the Vulnerable Software and Affected Versions RustFS versions prior to 1.0.0-alpha.79 Description RustFS is a distributed object storage system built in Rust. The ImportIam API endpoint incorrectly validates permissions using ExportIAMAction instead of ImportIAMAction. This allows a...

7.1CVSS6.7AI score0.00392EPSS
Exploits1References4
osv
osv
added 2024/02/12 7:15 p.m.5 views

CVE-2024-22226

Dell Unity, versions prior to 5.4, contain a path traversal vulnerability in its svcsupportassist utility. An authenticated attacker could potentially exploit this vulnerability, to gain unauthorized write access to the files stored on the server filesystem, with elevated privileges...

6.5CVSS5.8AI score0.00354EPSS
Exploits0References1
nvd
nvd
added 2021/05/25 12:15 p.m.16 views

CVE-2020-9452

An issue was discovered in Acronis True Image 2020 24.5.22510. antiransomwareservice.exe includes functionality to quarantine files by copying a suspected ransomware file from one directory to another using SYSTEM privileges. Because unprivileged users have write permissions in the quarantine...

7.8CVSS0.00485EPSS
Exploits1References3
Rows per page
Query Builder