18 matches found
CVE-2026-46484
Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Handling of errors returned by nilfspreparechunk. The patch series “nilfs2: Fix issues with rename operations” addresses these issues. This series corrects BUGON check failures reported by syzbot during rename...
SUSE CVE-2025-21721
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
CVE-2025-21721
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
DEBIAN-CVE-2025-21721
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
UBUNTU-CVE-2025-21721
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
CVE-2025-21721
CVE-2025-21721 is a Linux kernel vulnerability in the NILFS2 filesystem. The patch series fixes nilfs_prepare_chunk() error handling paths that were previously omitted when rewriting directory entries in nilfs_set_link(), nilfs_delete_entry(), and in the caller nilfs_rename(). The issue allowed e...
CVE-2025-21721 nilfs2: handle errors that nilfs_prepare_chunk() may return
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
CVE-2025-21721 nilfs2: handle errors that nilfs_prepare_chunk() may return
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfspreparechunk may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUGON check failures reported by syzbot around rename operations, and a minor behavioral issue...
SUSE CVE-2015-3727
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site...
CVE-2017-18449
CVE-2017-18449 affects cPanel prior to 64.0.21. The issue enables certain file-rename operations in the context of the root account via scripts/convert_roundcube_mysql2sqlite (SEC-254). The vulnerability is caused by insufficient validation of file rename actions within the specified script path,...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) regression (USN-3392-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3392-2 advisory. USN-3392-1 fixed a regression in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kerne...
Debian DSA-3927-1 : linux - security update (Stack Clash)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2017-7346 Li Qiang discovered that the DRM driver for VMware virtual GPUs does not properly check user-controlled values in the...
Ubuntu 17.04 : linux, linux-raspi2 vulnerabilities (USN-3377-1) (Stack Clash)
Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...
CVE-2017-8463
Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and share...
Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1083-1)
Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service...
USN-1074-1: Linux kernel vulnerabilities
Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2009-4895 Dan Rosenberg discovered that the MOVEEXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only...
CVE-2007-2852
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during 1 delete/disinfect or 2 rename operations via a crafted directory name...