Lucene search
K

302 matches found

CVE
CVE
added 2026/03/26 8:6 p.m.53 views

CVE-2026-0964

CVE-2026-0964 is reported as a path-traversal vulnerability in libssh’s SCP handling (ssh_scp_pull_request), allowing a malicious SCP server to reference paths outside the working directory and potentially overwrite local files. The issue is documented across multiple advisories (ALAS2023-2026-14...

6.3CVSS7AI score0.00408EPSS
Exploits0References5Affected Software4
Debian CVE
Debian CVE
added 2026/03/26 8:6 p.m.3 views

CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

6.3CVSS5.8AI score0.00408EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/26 8:6 p.m.28 views

CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

5CVSS0.00408EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/03/26 8:6 p.m.1 views

CVE-2026-0964

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...

6.3CVSS6.9AI score0.00408EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 5:0 p.m.5 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS5.8AI score0.00093EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:2 p.m.6 views

CVE-2026-32030

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...

8.2CVSS5.9AI score0.00344EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15429

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS5.8AI score0.00093EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 4:16 p.m.5 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS0.00093EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:7 p.m.21 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS0.00093EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:7 p.m.3 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS5.9AI score0.00093EPSS
Exploits0References1
Cisco
Cisco
added 2026/03/25 4:0 p.m.34 views

Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS5.8AI score0.00093EPSS
Exploits0References1
OSV
OSV
added 2026/03/25 9:51 a.m.8 views

CLSA-2026-1774432284 vim: Fix of 2 CVEs

CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

7.8CVSS7.1AI score0.01162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-27789

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the Secure Copy Protocol SCP server feature that may allow a local attacker with limited privileges to disrupt service. This is caused by the improper processin...

6.5CVSS5.9AI score0.00093EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 10:7 p.m.20 views

CVE-2026-32030 OpenClaw < 2026.2.19 - Sensitive File Disclosure via stageSandboxMedia Path Traversal

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the stageSandboxMedia function that accepts arbitrary absolute paths when iMessage remote attachment fetching is enabled. An attacker who can tamper with attachment path metadata can disclose files readable by the...

8.2CVSS0.00344EPSS
Exploits0References3
OSV
OSV
added 2026/03/16 8:41 p.m.3 views

GHSA-G2F6-PWVX-R275 OpneClaw accepts unsanitized iMessage attachment paths which allowed SCP remote-path command injection

Summary openclaw versions :. In affected releases, the remote host was normalized but the remote attachment path was not validated for shell metacharacters before being passed to the SCP remote operand. A sender-controlled iMessage attachment filename containing shell metacharacters could therefo...

9.2CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 2026/03/04 6:31 p.m.4 views

EUVD-2026-9437

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS6AI score0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/03/04 6:16 p.m.9 views

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/04 5:22 p.m.5 views

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS6AI score0.0012EPSS
Exploits0References1
CVE
CVE
added 2026/03/04 5:22 p.m.61 views

CVE-2026-20062

The CVE-2026-20062 entry concerns Cisco Secure Firewall ASA software in multiple context mode. Vulnerability: improper access controls on SCP operations when the CiscoSSH stack is enabled allow an authenticated user with admin privileges only in a non-admin context to copy files to/from other con...

7.2CVSS6AI score0.0012EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:22 p.m.6 views

CVE-2026-20062

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance ASA Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...

7.2CVSS6AI score0.0012EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder