Lucene search
+L

53 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 2:42 p.m.7 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.7 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 7:8 a.m.4 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/23 8:0 a.m.13 views

CVE-2026-44171

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References5
OSV
OSV
added 2026/06/16 11:50 a.m.6 views

BIT-MYSQL-CLIENT-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:47 a.m.5 views

BIT-MARIADB-MIN-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References3
OSV
OSV
added 2026/06/16 11:46 a.m.10 views

BIT-MARIADB-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 6:16 p.m.10 views

ALPINE-CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 6:16 p.m.13 views

CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS0.00135EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 5:33 p.m.14 views

EUVD-2026-36516

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.2AI score0.00135EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 5:33 p.m.11 views

CVE-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.4AI score0.00135EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 5:33 p.m.38 views

CVE-2026-44171

CVE-2026-44171 describes a path traversal vulnerability in MariaDB’s mbstream during archive extraction. Affected releases are MariaDB server branches: 10.6.1–10.6.25, 10.11.1–10.11.16, 11.4.1–11.4.10, 11.8.1–11.8.6, and 12.3.1. A crafted archive could cause mbstream to create files outside the i...

7.8CVSS5.2AI score0.00135EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/12 5:33 p.m.3 views

CVE-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS5.9AI score0.00135EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/12 5:33 p.m.48 views

CVE-2026-44171 MariaDB: path traversal in mbstream

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

6.3CVSS0.00135EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/12 5:33 p.m.12 views

CVE-2026-44171

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, mbstream did not check for /../ in the path when unpacking the archive. A proper backup can never contai...

7.8CVSS5.3AI score0.00135EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/10 11:13 p.m.1 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS6AI score0.00135EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/10 10:32 p.m.1 views

mariadb: mbstream: Unauthorized file creation via path traversal

A flaw was found in MariaDB's mbstream utility. This vulnerability allows a highly privileged local attacker, who can provide a specially crafted archive, to create files outside of the intended target directory. This is due to mbstream not properly validating paths containing directory traversal...

7.8CVSS6AI score0.00135EPSS
Exploits0References6
OSV
OSV
added 2026/01/12 5:39 p.m.6 views

GO-2026-4278 HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad

HashiCorp Nomad is vulnerable to path escape through archive unpacking during migration in github.com/hashicorp/nomad...

8.6CVSS6.9AI score0.00388EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-2459

Malicious code in bioql PyPI...

5.8CVSS6.3AI score0.00333EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-7625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation...

5.8CVSS6.3AI score0.00333EPSS
Exploits0References2
Rows per page
Query Builder