23 matches found
CLSA-2026-1777946242 php: Fix of 13 CVEs
CVE-2018-14883: fix int overflow leading to heap overflow in exifthumbnailextract - CVE-2019-6977: fix imagecolormatch out-of-bounds write on heap in GD - CVE-2019-9022: fix memcpy with negative length via crafted DNS response - CVE-2019-9640: fix invalid read in exifprocessSOFn - CVE-2019-11042:...
GHSA-957R-R8GC-VV3H uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
CVE-2026-35365
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion
The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...
CVE-2026-35351
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
CVE-2026-35351 uutils coreutils mv Silent Ownership Loss in Cross-Device Operations
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
PT-2026-34501
Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The mv utility improperly handles directory trees containing symbolic links when moving them across filesystem boundaries. The implementation expands symbolic links—which are pointer...
uutils coreutils 安全漏洞
uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability arises from the mv utility failing to retain file ownership when moving between different file system boundaries. The utility reverts to th...
PT-2026-34487
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...
MiracleLinux 3 : gnome-vfs2-2.16.2-10.AXS3 (AXSA:2013-42:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-42:01 advisory. GNOME VFS is the GNOME virtual file system. It is the foundation of the Nautilus file manager. It provides a modular architecture and ships with several module...
SUSE CVE-2025-40362
In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...
EUVD-2025-203731
In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...
CVE-2025-40362
In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...
CVE-2025-40362
CVE-2025-40362 concerns the Linux kernel fix for a multifs Ceph MDS issue where the mds auth caps check could apply the wrong fs’s caps to another fs in a multifs cluster. The description specifies that an incorrect fsname/caps validation allowed a user’s read-only or read-write permissions to be...
CVE-2025-40362 ceph: fix multifs mds auth caps issue
In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...
Linux Distros Unpatched Vulnerability : CVE-2025-40362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in...
PT-2025-51578
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the Ceph implementation related to MultiFS MDS authentication capabilities. Specifically, the check for authentication capabilities does not validate...
go-git path traversal vulnerability
go-git is go-git open source a pure Go written in a highly scalable git implementation of the library . A path traversal vulnerability exists in versions prior to go-git v5.11 that allows an attacker to create and modify files across file systems...