Lucene search
K

2466 matches found

CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync that stems from a failure to properly validate whether a symbolic link target contains another symbolic link, leading to a path...

7.5CVSS7.3AI score0.04575EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync has a security vulnerability that stems from improper checksum comparisons, resulting in the server being able to enumerate the contents of arbitrary files on the clien...

6.8CVSS8AI score0.01761EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync versions prior to 3.4, which stems from the presence of a heap-based buffer overflow that allows an attacker to write out-of-bounds...

9.8CVSS9.7AI score0.72059EPSS
Exploits4References3
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.4 views

Rsync 缓冲区错误漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync suffers from a buffer error vulnerability that stems from improper file checksum comparisons, which allows an attacker to manipulate the length of the checksum value an...

7.5CVSS7.7AI score0.09353EPSS
Exploits2References17
CNNVD
CNNVD
added 2025/01/14 12:0 a.m.3 views

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. A security vulnerability exists in Rsync that stems from a lack of proper symbolic link validation and de-duplication checking, where the server can write files to a location...

7.5CVSS7.2AI score0.02224EPSS
Exploits1References6
OSV
OSV
added 2025/01/14 12:0 a.m.14 views

DLA-4015-1 rsync - security update

Bulletin has no description...

7.5CVSS6.9AI score0.09353EPSS
Exploits4
OSV
OSV
added 2025/01/14 12:0 a.m.19 views

DSA-5843-1 rsync - security update

Bulletin has no description...

9.8CVSS7AI score0.72059EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.17 views

Amazon Linux 2023 : rsync, rsync-daemon (ALAS2023-2025-800)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-800 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming...

7.5CVSS7.3AI score0.09353EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.15 views

Debian dsa-5843 : rsync - security update

The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5843 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5843-2 [email protected] Debian Security Advisory...

9.8CVSS8AI score0.72059EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.6 views

Debian dla-4015 : rsync - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4015 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4015-2 [email protected] https://www.debian.org/lts/security/...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.13 views

Slackware Linux 15.0 / current rsync Multiple Vulnerabilities (SSA:2025-014-01)

The version of rsync installed on the remote host is prior to 3.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-014-01 advisory. New rsync packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

9.8CVSS7.4AI score0.72059EPSS
Exploits8References7
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.28 views

Amazon Linux 2 : rsync (ALAS-2025-2730)

The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2730 advisory. Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE...

7.5CVSS7.4AI score0.09353EPSS
Exploits4References12
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.17 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : rsync vulnerabilities (USN-7206-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7206-1 advisory. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly...

9.8CVSS7.8AI score0.72059EPSS
Exploits8References7
CERT
CERT
added 2025/01/14 12:0 a.m.13 views

Rsync contains six vulnerabilities

Overview Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak,...

9.8CVSS8AI score0.72059EPSS
Exploits8
Rosalinux
Rosalinux
added 2025/01/13 9:39 a.m.11 views

Advisory ROSA-SA-2025-2553

Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.1.res7 CVE-ID: CVE-2017-16548 BDU-ID: 2021-01395 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the receivexattr function in xattrs.c of the Rsync file transfer and synchronization utility is related to the lack of a check f...

9.8CVSS7.5AI score0.06337EPSS
Exploits0
Amazon
Amazon
added 2025/01/11 6:50 a.m.49 views

Important: rsync

Issue Overview: Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming CVE-2024-12088 Placeholder CVE. Details forthcoming CVE-2024-12747 Affected Packages:...

7.5CVSS7.2AI score0.09353EPSS
Exploits4
Amazon
Amazon
added 2025/01/11 6:27 a.m.33 views

Important: rsync

Issue Overview: Placeholder CVE. Details forthcoming CVE-2024-12085 Placeholder CVE. Details forthcoming CVE-2024-12086 Placeholder CVE. Details forthcoming CVE-2024-12087 Placeholder CVE. Details forthcoming CVE-2024-12088 Placeholder CVE. Details forthcoming CVE-2024-12747 Affected Packages:...

7.5CVSS7.3AI score0.09353EPSS
Exploits4
OSV
OSV
added 2025/01/10 12:0 a.m.1 views

UBUNTU-CVE-2024-48943

A malicious RPKI rsync repository can prevent Fort from finishing its validation run by drip-feeding its content...

5.8AI score
Exploits0References5
OSV
OSV
added 2025/01/09 12:0 a.m.2 views

UBUNTU-CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of bounds in the sum2 buffer...

9.8CVSS7.5AI score0.72059EPSS
Exploits4References7
OSV
OSV
added 2025/01/09 12:0 a.m.2 views

UBUNTU-CVE-2024-12088

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...

7.5CVSS7.2AI score0.04575EPSS
Exploits0References5
Rows per page
Query Builder