Lucene search
K

396 matches found

Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.18 views

PT-2026-39571

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile mgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...

5.8CVSS5.6AI score0.05587EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.22 views

D-Link DNS-320 命令注入漏洞

The D-Link DNS-320 is a NAS Network Attached Storage device produced by D-Link Corporation. The D-Link DNS-320 version 2.06B01 has a command injection vulnerability. This vulnerability arises from functions such as delete, rename, copy, move, chmod, and chown in the file/cgi-bin/webfilemgr.cgi,...

7.2CVSS5.8AI score0.05587EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and...

8.8CVSS7.3AI score0.00259EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.10 views

PT-2026-36339

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SMB client where the system fails to fully validate the Discretionary Access Control List DACL before rewriting it in cifsacl. The functions build sec desc and id...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References440
NVD
NVD
added 2026/04/23 4:16 a.m.6 views

CVE-2026-41231

Froxlor is open source server administration software. Prior to version 2.3.6, DataDump.add constructs the export destination path from user-supplied input without passing the $fixedhomedir parameter to FileDir::makeCorrectDir, bypassing the symlink validation that was added to all other...

7.5CVSS0.00414EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/23 3:52 a.m.4 views

CVE-2026-41231

Froxlor is open source server administration software. Prior to version 2.3.6, DataDump.add constructs the export destination path from user-supplied input without passing the $fixedhomedir parameter to FileDir::makeCorrectDir, bypassing the symlink validation that was added to all other...

9.9CVSS5.9AI score0.00836EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.12 views

PT-2026-34635

Froxlor is open source server administration software. Prior to version 2.3.6, DataDump.add constructs the export destination path from user-supplied input without passing the $fixed homedir parameter to FileDir::makeCorrectDir, bypassing the symlink validation that was added to all other...

7.5CVSS5.9AI score0.00414EPSS
Exploits1References4
OSV
OSV
added 2026/04/22 6:31 p.m.4 views

GHSA-X2WV-9P67-MH9W uutils coreutils doesn't properly handle setuid and setgid bits when ownership preservation fails

The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p preserve flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining origin...

6.6CVSS5.8AI score0.00125EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/22 6:31 p.m.5 views

EUVD-2026-24967

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.7AI score0.00142EPSS
Exploits0References3
OSV
OSV
added 2026/04/22 6:31 p.m.4 views

GHSA-88CH-Q68X-36V7 uutils coreutils has an Incorrect Check of Function Return Value

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/22 6:31 p.m.8 views

uutils coreutils has an Incorrect Check of Function Return Value

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.3AI score0.00142EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/22 5:16 p.m.7 views

CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS0.00142EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/22 5:16 p.m.7 views

CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 5:16 p.m.4 views

UBUNTU-CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References3
CVE
CVE
added 2026/04/22 4:8 p.m.20 views

CVE-2026-35350

The CVE-2026-35350 entry concerns the cp utility in uutils coreutils. When using -p (preserve), if chown fails, the tool applies the source’s mode bits, potentially producing a user-owned copy with privileged bits (setuid/setgid) and violating local security policies. This behavior differs from G...

6.6CVSS5.7AI score0.00125EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 4:7 p.m.4 views

CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.7AI score0.00142EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/22 4:7 p.m.28 views

CVE-2026-35340 uutils coreutils chown and chgrp False Success Exit Code in Recursive Mode

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS0.00142EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 4:7 p.m.4 views

CVE-2026-35340 uutils coreutils chown and chgrp False Success Exit Code in Recursive Mode

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.7AI score0.00142EPSS
Exploits0References2
CVE
CVE
added 2026/04/22 4:7 p.m.11 views

CVE-2026-35340

The CVE-2026-35340 issue affects the uutils coreutils chown and chgrp via the ChownExecutor. In recursive operations, the utilities return an exit code based solely on the last processed file; if earlier ownership/group changes failed due to permissions, they may still report success (0). This ca...

5.5CVSS5.7AI score0.00142EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/22 4:7 p.m.3 views

CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.4AI score0.00142EPSS
Exploits0
Rows per page
Query Builder