Lucene search
K

2486 matches found

RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-59996

A flaw was found in OpenSSH, a widely used tool for secure remote access. When a user attempts to copy files between two different remote systems using the scp command, the file might be incorrectly placed in a directory above the intended destination. This unintended file placement could lead to...

5.4CVSS6AI score0.00241EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 6 days ago6 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.93235EPSS
Exploits54References11
RedHat Linux
RedHat Linux
added 2026/07/01 11:17 a.m.7 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.14.68 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.68 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.03663EPSS
Exploits29References11
RedHat Linux
RedHat Linux
added 2026/06/30 2:42 p.m.5 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.4 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.7 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.9 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.1.10)

The version of AHV installed on the remote host is prior to AHV-10.3.1.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.1.10 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading t...

9.8CVSS7.5AI score0.00767EPSS
Exploits4References9
RedHat Linux
RedHat Linux
added 2026/06/29 10:57 p.m.3 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2026/06/29 12:0 a.m.5 views

rsync security update

3.2.5-7.2 - Fix integer overflow in compressed-token decoding CVE-2026-43618 - Resolves: RHEL-174932 3.2.5-7.1 - Fix TOCTOU symlink race in daemon no-chroot mode CVE-2026-29518 - Resolves: RHEL-174952 3.2.5-4 - Resolves: RHEL-104404 - Do not clear DISPLAY unconditionally...

7.8CVSS7.2AI score0.01761EPSS
Exploits2
Fedora
Fedora
added 2026/06/26 1:14 a.m.6 views

[SECURITY] Fedora 43 Update: rsync-3.4.4-1.fc43

Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...

8.1CVSS5.8AI score0.0078EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Fedora 43 : rsync (2026-a04e445b3f)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a04e445b3f advisory. New version 3.4.4 with multiple regression fixes. This update also fixes the following CVEs: CVE-2026-29518 CVE-2026-43617 CVE-2026-43618...

8.1CVSS5.9AI score0.0078EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 5:41 p.m.3 views

JLSEC-2026-628 Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's...

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

6.3CVSS5.8AI score0.00282EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 5:41 p.m.9 views

JLSEC-2026-629 Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token...

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...

6.1CVSS6AI score0.0078EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 5:41 p.m.3 views

JLSEC-2026-625 A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds...

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue...

4.3CVSS5.9AI score0.00289EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 5:41 p.m.4 views

JLSEC-2026-626 Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in...

Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...

7.3CVSS6AI score0.00152EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.14 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.12)

The version of AOS installed on the remote host is prior to 7.3.1.12. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.12 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a...

9.8CVSS7.4AI score0.00767EPSS
Exploits4References24
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Oracle Linux 9 : rsync (ELSA-2026-26410)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-26410 advisory. - Fix integer overflow in compressed-token decoding CVE-2026-43618 - Resolves: RHEL-174932 - Fix TOCTOU symlink race in daemon no-chroot mode...

8.1CVSS5.9AI score0.0078EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Photon OS 4.0: Rsync PHSA-2026-4.0-1038

An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.1CVSS5.7AI score0.0078EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.16 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.8)

The version of AOS installed on the remote host is prior to 7.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.8 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a deni...

9.8CVSS6.9AI score0.00767EPSS
Exploits4References25
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

Photon OS 5.0: Rsync PHSA-2026-5.0-0885

An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0885. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.1CVSS5.7AI score0.0078EPSS
Exploits0References8
Rows per page
Query Builder