Lucene search: 1037 matches found

OSV, added last week, 2 views

JLSEC-2026-630 Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system...

Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module...

CVSS 7.2, AI score 6.1, EPSS 0.00136
Exploits 0, References 5
OSV, added last week, 2 views

JLSEC-2026-626 Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in...

Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...

CVSS 7.3, AI score 6, EPSS 0.00152
Exploits 0, References 7
OSV, added last week, 2 views

JLSEC-2026-628 Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's...

Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing...

CVSS 6.3, AI score 5.8, EPSS 0.00282
Exploits 0, References 5
EUVD, added 2026/06/24 1:21 p.m., 6 views

EUVD-2026-38789

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

CVSS 8.6, AI score 5.9, EPSS 0.00345
Exploits 0, References 3
ATTACKERKB, added 2026/06/24 1:21 p.m., 17 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

CVSS 8.6, AI score 5.9, EPSS 0.00345
Exploits 0, References 4
Positive Technologies, added 2026/06/24 12:00 a.m., 28 views

PT-2026-51789

Name of the Vulnerable Software and Affected Versions: ProFTPD versions 1.3.9b through 1.3.10rc2. Description: An access control bypass allows authenticated FTP users to circumvent Directory ACL restrictions. By prefixing paths with /proc/self/root in the RNFR command handler, attackers can exploit...

CVSS 8.6, AI score 5.8, EPSS 0.00345
Exploits 0, References 8
Rockylinux, added 2026/06/17 12:3 p.m., 6 views

rsync security update

An update is available for rsync. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The rsync utility enables the users to copy and synchronize files locally or...

CVSS 8.1, AI score 5.5, EPSS 0.0078
Exploits 0
RedHat Linux, added 2026/06/16 5:38 p.m., 13 views

rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.

A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...

CVSS 7.8, AI score 5.3, EPSS 0.00152
Exploits 0, References 4
OSV, added 2026/06/16 7:31 a.m., 5 views

USN-8349-3 rsync regression

USN-8349-1 fixed vulnerabilities in rsync. Unfortunately that update introduced multiple regressions in rsync functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read...

CVSS 8.1, AI score 5.6, EPSS 0.0078
Exploits 1, References 2
Tenable Nessus, added 2026/06/16 12:00 a.m., 7 views

RHEL 10 : rsync (RHSA-2026:26332)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26332 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

CVSS 8.1, AI score 5.6, EPSS 0.0078
Exploits 0, References 7
OSV, added 2026/06/16 12:00 a.m., 4 views

ALSA-2026:26410 Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

CVSS 8.1, AI score 5.4, EPSS 0.0078
Exploits 0, References 6
AlmaLinux, added 2026/06/16 12:00 a.m., 20 views

Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

CVSS 8.1, AI score 5.4, EPSS 0.0078
Exploits 0, References 6
Tenable Nessus, added 2026/06/16 12:00 a.m., 8 views

RHEL 9 : rsync (RHSA-2026:26410)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26410 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

CVSS 8.1, AI score 5.6, EPSS 0.0078
Exploits 0, References 6
RedhatCVE, added 2026/06/12 2:35 p.m., 11 views

CVE-2026-48855

A flaw was found in Erlang OTP ssh, specifically within the ssh_sftpd module. An authenticated SFTP client can exploit this vulnerability by creating a symbolic link (symlink) inside a restricted directory (chroot) that points to the root directory. When the client reads this symlink, the ssh_sftpd...

CVSS 6.5, AI score 5.2, EPSS 0.00277
Exploits 0, References 8
SUSE CVE, added 2026/06/12 2:25 a.m., 9 views

SUSE CVE-2026-48855

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh ssh_sftpd module allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of file:readlink/2 to the client without calling chroot_filename/2 to strip the backend root prefix. An...

CVSS 2.3, AI score 5.3, EPSS 0.00277
Exploits 0, References 3
Tenable Nessus, added 2026/06/11 12:00 a.m., 7 views

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20907-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20907-1 advisory. This update for erlang fixes the following issues: - CVE-2025-4748: improper limitation of a pathname may lead to path traversal (bsc#1244642). -...

CVSS 8.1, AI score 5.6, EPSS 0.00354
Exploits 0, References 15
EUVD, added 2026/06/10 2:35 p.m., 11 views

EUVD-2026-36056

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh ssh_sftpd module allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of file:readlink/2 to the client without calling chroot_filename/2 to strip the backend root prefix. An...

CVSS 2.3, AI score 5.5, EPSS 0.00277
Exploits 0, References 5
CVE, added 2026/06/10 2:35 p.m., 26 views

CVE-2026-48855

Summary: CVE-2026-48855 affects Erlang OTP ssh_sftpd. An authenticated SFTP client can create a symlink inside a chroot that points to the filesystem root; when reading the link via SSH_FXP_READLINK, ssh_sftpd exposes the absolute backend root path (and any symlink targets) instead of the chroote...

CVSS 6.5, AI score 5.5, EPSS 0.00277
Exploits 0, References 5, Affected Software 2