Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2026/04/30 1:18 p.m.9 views

CVE-2026-38993

A flaw was found in Cockpit. This vulnerability, identified as a directory traversal, allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite existing assets with malicious versions. The exploitation occurs via the Buckets component. This cou...

8.1CVSS5.5AI score0.00835EPSS
Exploits0References5
OSV
OSV
added 2026/04/29 6:31 p.m.8 views

GHSA-P46P-7PMJ-M34F Cockpit is vulnerable to directory traversal

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

6.5CVSS5.9AI score0.00835EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/29 12:0 a.m.3 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

5.5AI score0.00835EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/29 12:0 a.m.30 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

0.00835EPSS
Exploits0References2
OSV
OSV
added 2026/04/29 12:0 a.m.2 views

CVE-2026-38993

Cockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackers to write files to arbitrary locations within the uploads directory or overwrite assets with malicious versions...

6.5CVSS6AI score0.00835EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.11 views

Cockpit 路径遍历漏洞

Cockpit is an interactive server management interface developed by Cockpit OpenSource. Versions of Cockpit 2.13.5 and earlier had a path traversal vulnerability, which was caused by directory traversal in the Buckets component. This vulnerability could lead to arbitrary file writing...

6.5CVSS5.9AI score0.00835EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 12:0 a.m.15 views

CVE-2026-38993

CVE-2026-38993 affects Cockpit up to version 2.13.5. The Buckets component enables directory traversal, allowing an authenticated attacker to write files to arbitrary locations within the uploads directory or replace assets with malicious versions. Public references (Red Hat, GHSA, OSV, Snyk, and...

8.1CVSS5.5AI score0.00835EPSS
Exploits0References5
Rows per page
Query Builder