Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: corrected the incorrect validation of the numaces field in smbacl. The parsedcal function validates numaces to allocate an array of posixacestatearray. If numaces exceeds ULONGMAX / sizeofstruct smbace++, it results in an...

CVE-2026-31706

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

CVE-2026-31706

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate numaces and harden ACE walk in smbinheritdacl smbinheritdacl trusts the on-disk numaces value from the parent directory's DACL xattr and uses it to size a heap allocation: acesbase = kmallocsizeofstruct smbace...

PT-2026-36336

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the smb inherit dacl function trusts the num aces value from a parent directory's DACL xattr to determine the size of a heap allocation. An...

SUSE CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

DEBIAN-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

UBUNTU-CVE-2025-21994

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix incorrect validation for numaces field of smbacl parsedcal validate numaces to allocate posixacestatearray. if numaces ULONGMAX / sizeofstruct smbace It is an incorrect validation that we can create an array of size...

CVE-2025-21994

CVE-2025-21994 is a Linux kernel vulnerability in the ksmbd module where validation for the num_aces field of smb_acl was incorrect. The advisory notes that parse_dcal() should verify num_aces using the actual buffer size (smb_acl->size) rather than checking against a calculation that could al...

CVE-2024-20316

A vulnerability in the data model interface DMI services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list ACL. This vulnerability is due to improper handling of error conditions wh...

Cisco IOS XE Software NETCONF/RESTCONF IPv4 Access Control List Bypass Vulnerability

A vulnerability in the data model interface DMI services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list ACL. This vulnerability is due to improper handling of error conditions wh...

aces-elec.fr Improper Access Control vulnerability OBB-3820942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to upload any document with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attack...

Cross-site Scripting (XSS) - Stored in aces/loris

✍️ Description Cross-site scripting also known as XSS is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. Cross-site scripting vulnerabilities normally allow an attacker to masquerade as a victim user, to carry out...

aces-egypt.net Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1160437 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Armored Aces - 3D Tanks Online - Base64 encoded String, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Armored Aces - 3D Tanks Online published at the 'play' market has multiple vulnerabilities...

Directory traversal

Directory traversal vulnerability in ArsDigita Community System ACS 3.4.10 and earlier, and ArsDigita Community Education Solution ACES 1.1, allows remote attackers to read arbitrary files via .%252e/ double-encoded dot dot slash sequences in the URI...

CVE-2007-0389

The CVE-2007-0389 issue affects ArsDigita Community System (ACS) 3.4.10 and earlier and ArsDigita Community Education Solution (ACES) 1.1. It is a directory traversal vulnerability that lets an attacker read arbitrary files by sending URIs containing double-encoded sequences like .%252e/. The pro...