35 matches found

OSV
added last week · 3 views

RLSA-2026:19368 Important: rsync security update

The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...

CVSS 7.4 · AI score 6.2 · EPSS 0.01913
Exploits 2 · References 3

EUVD
added 2026/05/12 9:31 p.m. · 4 views

EUVD-2026-29827

HashiCorp Nomad’s exec2 task driver prior to 0.1.2 is vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability CVE-2026-8052 is fixed in version 0.1.2 of the exec2 task driver...

CVSS 6 · AI score 5.9 · EPSS 0.00027
Exploits 0 · References 2

AstraLinux
added 2026/05/03 11:59 p.m. · 2 views

Astra Linux - rsync vulnerability

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 · AI score 6.4 · EPSS 0.01913
Exploits 1 · References 2

Veracode
added 2026/01/22 9:33 a.m. · 2 views

Arbitrary Code Execution

Orval is vulnerable to Arbitrary Code Execution. The vulnerability is due to unsanitized embedding of untrusted OpenAPI fields, where attacker-controlled values in the x-enumDescriptions field are injected without proper escaping during enum generation, resulting in executable JavaScript/TypeScri...

CVSS 9.8 · AI score 6 · EPSS 0.0005
Exploits 1 · References 4 · Affected Software 1

Tenable Nessus
added 2025/10/28 12:0 a.m. · 1 view

Linux Distros Unpatched Vulnerability : CVE-2025-62611

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local...

CVSS 8.2 · AI score 5.9 · EPSS 0.00067
Exploits 0 · References 3

OSV
added 2025/10/22 8:15 p.m. · 1 view

DEBIAN-CVE-2025-62611

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...

CVSS 8.2 · AI score 5.5 · EPSS 0.00067
Exploits 0 · References 1

EUVD
added 2025/10/22 7:29 p.m. · 1 view

EUVD-2025-35594

aiomysql is a library for accessing a MySQL database from the asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...

CVSS 8.2 · AI score 6.2 · EPSS 0.00067
Exploits 0 · References 4

OSV
added 2025/10/22 4:47 p.m. · 1 view

GHSA-R397-FF8C-WV2G aiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL server

Summary: The client-side settings are not checked before sending local files to MySQL server, which allows obtaining arbitrary files from the client using a rogue server. Details: It is possible to create a rogue MySQL server that emulates authorization, ignores client flags and requests arbitrary...

CVSS 8.2 · AI score 6.5 · EPSS 0.00067
Exploits 0 · References 5

CNNVD
added 2025/10/22 12:0 a.m. · 4 views

aiomysql security vulnerability

aiomysql is a MySQL access library from aio-libs open source. A security vulnerability exists in aiomysql versions prior to 0.3.0, which stems from an unchecked client-side setting that could lead to a malicious server obtaining arbitrary client-side files...

CVSS 8.2 · AI score 6.4 · EPSS 0.00067
Exploits 0 · References 4

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2023-36137

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00228
Exploits 1 · References 1

RedHat Linux
added 2025/05/13 8:18 a.m. · 1 view

rsync: rsync server leaks arbitrary client files

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 · AI score 7.1 · EPSS 0.01913
Exploits 1 · References 5

SUSE Linux
added 2025/02/07 9:57 a.m. · 2 views

Security update for rsync

This update for rsync fixes the following issues: Bump protocol version to 32 - make it easier to show server is patched. Fix FLAG_GOT_DIR_FLIST collision with FLAG_HLINKED. Security update, CVE-2024-12747, bsc1235475 race condition in handling symbolic links. Security update, fix multiple...

CVSS 9.8 · AI score 7.5 · EPSS 0.1902
Exploits 8 · References 24

Snyk
added 2025/01/14 6:43 p.m. · 1 view

Detection of Error Condition Without Action

Overview: Affected versions of this package are vulnerable to Detection of Error Condition Without Action when files are being copied from a client to a server. This allows a server to leak the contents of an arbitrary file from the client's machine. Remediation: A fix was pushed into the master...

CVSS 6.9 · AI score 6.8 · EPSS 0.01913
Exploits 1 · References 2

OSV
added 2025/01/14 6:15 p.m. · 1 view

ALPINE-CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 · AI score 6.3 · EPSS 0.01913
Exploits 1 · References 1

OSV
added 2025/01/14 6:15 p.m. · 1 view

DEBIAN-CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

CVSS 6.8 · AI score 8 · EPSS 0.01913
Exploits 1 · References 1

CNNVD
added 2025/01/14 12:0 a.m. · 1 view

Rsync security vulnerability

Rsync is a fast and versatile file copying tool open-sourced by RsyncProject. It is used for remote files and local files. Rsync has a security vulnerability that stems from improper checksum comparisons, resulting in the server being able to enumerate the contents of arbitrary files on the clien...

CVSS 6.8 · AI score 8 · EPSS 0.01913
Exploits 1 · References 6

Positive Technologies
added 2024/11/23 12:0 a.m. · 1 view

PT-2024-10124

Name of the Vulnerable Software and Affected Versions: rsync affected versions not specified. Description: The issue is related to rsync, a software used for synchronizing files across different systems. It allows a server to enumerate the contents of an arbitrary file from the client's machine by...

CVSS 9.8 · AI score 7.2 · EPSS 0.1902
Exploits 8 · References 114

Prion
added 2023/05/17 1:15 a.m. · 7 views

Code injection

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side...

CVSS 4 · AI score 6.4 · EPSS 0.00228
Exploits 1 · References 1 · Affected Software 1

Positive Technologies
added 2022/11/13 12:0 a.m. · 2 views

PT-2022-24993 · Mz Automation +1 · Libiec61850 +1

Name of the Vulnerable Software and Affected Versions: MZ Automation libiec61850 versions up to 1.4. Description: A critical issue has been found in the MMS File Services component, specifically affecting the file src/mms/iso_mms/client/mms_client_files.c. The manipulation of the filename argument...

CVSS 10 · AI score 7.8 · EPSS 0.0238
Exploits 9 · References 37

RedHat Linux
added 2022/08/24 5:57 p.m. · 1 view

rsync: remote arbitrary files write inside the directories of connecting peers

A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server. The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories. This flaw allows a malicious server, or in some cases, another attacker wh...

CVSS 7.4 · AI score 7.4 · EPSS 0.00923
Exploits 1 · References 5