CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2448 matches found

OpenVAS•added 2025/01/15 12:0 a.m.•16 views

Debian: Security Advisory (DLA-4015-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•13 views

Debian: Security Advisory (DSA-5843-1)

9.8CVSS6.8AI score0.72059EPSS

Exploits8References2

OpenVAS•added 2025/01/15 12:0 a.m.•12 views

SUSE: Security Advisory (SUSE-SU-2025:0120-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•28 views

SUSE: Security Advisory (SUSE-SU-2025:0121-2)

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•18 views

SUSE: Security Advisory (SUSE-SU-2025:0121-1)

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•23 views

SUSE: Security Advisory (SUSE-SU-2025:0122-2)

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•24 views

Ubuntu: Security Advisory (USN-7206-1)

9.8CVSS7.7AI score0.72059EPSS

Exploits8References2

OpenVAS•added 2025/01/15 12:0 a.m.•14 views

SUSE: Security Advisory (SUSE-SU-2025:0122-1)

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

OpenVAS•added 2025/01/15 12:0 a.m.•14 views

SUSE: Security Advisory (SUSE-SU-2025:0120-1)

7.5CVSS7.7AI score0.09353EPSS

Exploits4References2

Ubuntu•added 2025/01/14 11:32 p.m.•171 views

USN-7206-1: rsync vulnerabilities

Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. CVE-2024-12084 Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync compared checksums with...

9.8CVSS7.7AI score0.72059EPSS

Exploits8

OSV•added 2025/01/14 11:32 p.m.•6 views

USN-7206-1 Several security issues were fixed in rsync

9.8CVSS7.2AI score0.72059EPSS

Exploits8References7

Debian•added 2025/01/14 10:21 p.m.•11 views

[SECURITY] [DLA 4015-1] rsync security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4015-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 14, 2025 https://wiki.debian.org/LTS -...

7.5CVSS7.5AI score0.09353EPSS

Exploits4

Snyk•added 2025/01/14 6:43 p.m.•2 views

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition during rsync's handling of symbolic links which allows an attacker to bypass the default behavior and traverse symbolic links. Remediation A fix was pushed into the master branch but not yet published. References - GitHub...

6.8CVSS6.9AI score0.00377EPSS

Exploits0References2

Debian•added 2025/01/14 6:21 p.m.•17 views

[SECURITY] [DSA 5843-1] rsync security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5843-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 14, 2025 https://www.debian.org/security/faq -...

9.8CVSS8AI score0.72059EPSS

Exploits8

OSV•added 2025/01/14 6:15 p.m.•3 views

AZL-55658 CVE-2024-12088 affecting package rsync for versions less than 3.4.1-1

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...

7.5CVSS7.2AI score0.04575EPSS

Exploits0References1

OSV•added 2025/01/14 6:15 p.m.•1 views

ALPINE-CVE-2024-12747

A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass...

5.6CVSS6.5AI score0.00377EPSS

Exploits0References1

OSV•added 2025/01/14 6:15 p.m.•1 views

DEBIAN-CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

6.8CVSS8AI score0.01761EPSS

Exploits1References1

OSV•added 2025/01/14 6:15 p.m.•8 views

AZL-55655 CVE-2024-12087 affecting package rsync for versions less than 3.4.1-1

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

7.5CVSS7.1AI score0.02224EPSS

Exploits1References1

OSV•added 2025/01/14 6:15 p.m.•1 views

ALPINE-CVE-2024-12086

6.8CVSS6.3AI score0.01761EPSS

Exploits1References1

OSV•added 2025/01/14 6:15 p.m.•5 views

AZL-55676 CVE-2024-12088 affecting package rsync for versions less than 3.4.1-1

7.5CVSS7AI score0.04575EPSS

Exploits0References1

Rows per page