SUSE CVE-2025-71095

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDPTX action There is a crash issue when running zero copy XDPTX action, the crash log is shown below. 216.122464 Unable to handle kernel paging request at virtual address...

Edit permission check not enforced on WebDAV COPY action (NC-SA-2016-004)

The WebDAV endpoint was not properly checking the permission on a WebDAV "COPY" action. This allowed an authenticated attacker with access to a read-only share to put new files in there. It was not possible to modify existing files...

Race condition

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service plugin crash or...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1.7.3 rc2 allows remote attackers to inject arbitrary web script or HTML via the which parameter in a copy action...

CVE-2006-2633

The CVE-2006-2633 entry describes an absolute path traversal in ByteHoard 2.1 and earlier, where the copy action in index.php can be exploited by remote authenticated users to create or overwrite files in other users’ directories by supplying the absolute directory path in infolder and the filena...