CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/01/13 2:1 p.m.•3 views

Astra Linux – Vulnerability in rsync

A malicious client acting as the recipient of an rsync file transfer can trigger an out-of-bounds read of a heap-based buffer, through a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger this issue...

4.3CVSS5.4AI score0.00283EPSS

7.5CVSS7.3AI score0.04575EPSS

MiracleLinux 9 : rsync-3.2.5-3.el9 (AXSA:2025-10080:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10080:08 advisory. rsync: Path traversal vulnerability in rsync CVE-2024-12087 rsync: --safe-links option bypass leads to path traversal CVE-2024-12088 rsync: Race...

Exploits1References4

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 7 : rsync-3.1.2-12.0.3.el7.AXS7 (AXSA:2025-9708:04)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9708:04 advisory. CVE-2024-12087: fix path traversal vulnerability in rsync enabled by the '--inc-recursive' option CVE-2024-12088: make --safe-links stricter CVEs:...

7.5CVSS7.6AI score0.04575EPSS

Exploits1References3

Tenable Nessus•added 2026/01/13 12:0 a.m.•5 views

MiracleLinux 7 : rsync-3.1.2-12.0.5.el7.AXS7 (AXSA:2025-11113:09)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11113:09 advisory. CVE-2016-9840: fix improper pointer arithmetic in inftrees.c CVEs: CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have...

8.8CVSS7.2AI score0.04793EPSS

7.5CVSS7.6AI score0.09353EPSS

MiracleLinux 8 : rsync-3.1.3-20.el8_10 (AXSA:2025-9543:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9543:02 advisory. rsync: Info Leak via Uninitialized Stack Contents CVE-2024-12085 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

Exploits2References2

Tenable Nessus•added 2026/01/13 12:0 a.m.•5 views

MiracleLinux 8 : rsync-3.1.3-21.el8_10 (AXSA:2025-9746:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9746:06 advisory. rsync: Path traversal vulnerability in rsync CVE-2024-12087 rsync: --safe-links option bypass leads to path traversal CVE-2024-12088 rsync: Race...

7.5CVSS7.3AI score0.04575EPSS

Exploits1References4

8.8CVSS6.9AI score0.04793EPSS

MiracleLinux 8 : rsync-3.1.3-23.el8_10 (AXSA:2025-9980:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9980:07 advisory. zlib: Out-of-bounds pointer arithmetic in inftrees.c CVE-2016-9840 Tenable has extracted the preceding description block directly from the MiracleLinux...

5.6CVSS7.2AI score0.00377EPSS

MiracleLinux 7 : rsync-3.1.2-12.0.4.el7.AXS7 (AXSA:2025-9719:05)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9719:05 advisory. quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a ve...

Tenable Nessus•added 2026/01/13 12:0 a.m.•5 views

MiracleLinux 9 : rsync-3.2.3-20.el9_5.1 (AXSA:2025-9542:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9542:01 advisory. rsync: Info Leak via Uninitialized Stack Contents CVE-2024-12085 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

7.5CVSS7.6AI score0.09353EPSS

Exploits2References2

RedhatCVE•added 2026/01/09 10:41 a.m.•7 views

CVE-2022-26479

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file which can be created via an rsync backdoor causes all API calls to execute as admin without authentication...

9.8CVSS7.1AI score0.01729EPSS

Exploits3References1

OSV•added 2026/01/08 3:49 p.m.•5 views

SUSE-SU-2026:20044-1 Security update for rsync

This update for rsync fixes the following issues: - CVE-2025-10158: Fixed out of bounds array access via negative index bsc1254441...

4.3CVSS5.8AI score0.00283EPSS

SUSE Linux•added 2026/01/08 1:21 p.m.•5 views

Security update for rsync

This update for rsync fixes the following issues: CVE-2025-10158: Fixed out of bounds array access via negative index bsc1254441 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

4.3CVSS7.1AI score0.00283EPSS

Exploits0References4

OSV•added 2026/01/08 1:21 p.m.•2 views

SUSE-SU-2026:0069-1 Security update for rsync

This update for rsync fixes the following issues: - CVE-2025-10158: Fixed out of bounds array access via negative index bsc1254441...

4.3CVSS6.9AI score0.00283EPSS

RedhatCVE•added 2026/01/07 9:39 a.m.•8 views

CVE-1999-0473

The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred...

2.1CVSS7AI score0.00323EPSS

Exploits0References1

SUSE Linux•added 2026/01/06 10:33 a.m.•3 views

Security update for rsync

4.3CVSS7AI score0.00283EPSS

Exploits0References4

OSV•added 2026/01/06 10:33 a.m.•2 views

SUSE-SU-2026:0041-1 Security update for rsync

This update for rsync fixes the following issues: - CVE-2025-10158: Fixed out of bounds array access via negative index bsc1254441...

4.3CVSS5.8AI score0.00283EPSS