9 matches found
CVE-2026-35357
The CVE-2026-35357 entry concerns the cp utility in the uutils coreutils project. The vulnerability is an information-disclosure race where destination files are created with umask-derived permissions (e.g., 0644) and later tightened to the final mode (e.g., 0600). A local attacker can race to op...
WordPress plugin Post/Page Copying Tool code injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A code injection vulnerability exists in...
AZL-38785 CVE-2023-45288 affecting package azcopy for versions less than 10.25.1-1
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...
PT-2022-26044 · Unknown · Fastest-Json-Copy
Name of the Vulnerable Software and Affected Versions: fastest-json-copy version 1.0.1. Description: The issue allows an external attacker to edit or add new properties to an object because the application does not correctly validate the incoming JSON keys, thus allowing the proto property to be...
DEBIAN-CVE-2022-0485
A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the error parameter. This could result in the silent creation of a...
Synology USB Copy path traversal vulnerability
Synology USB Copy from Synology China helps you copy files between Synology NAS and external USB/SD storage devices. A path traversal vulnerability exists in Synology USB Copy versions prior to 2.2.0-1086, which stems from an improper restriction on the pathname of a restricted directory in the...
OESA-2022-1669 libtiff security update
libtiff provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available online in several different formats. It also contains command-line programs for manipulating TIFF format image files using the libti...
Command Execution Vulnerability in Deepsix Remote Copy Tool
DeepSign Technology Co., Ltd. is a product and service provider specializing in enterprise-level security, cloud computing and IT infrastructure. A command execution vulnerability exists in the DeepService Remote Copy Tool, which can be exploited by an attacker to gain server privileges...
LibTIFF tools/tiffcp.c file heap buffer overflow vulnerability
LibTIFF is a library for reading and writing the Tagged Image File Format (abbreviated as TIFF). A heap buffer overflow vulnerability exists in the tools/tiffcp.c file in LibTIFF version 4.0.7. A remote attacker could use this vulnerability to cause a denial of service integer overflow with a...