Lucene search
+L

23 matches found

osv
osv
added 2026/05/05 1:57 a.m.22 views

CLSA-2026-1777946242 php: Fix of 13 CVEs

CVE-2018-14883: fix int overflow leading to heap overflow in exifthumbnailextract - CVE-2019-6977: fix imagecolormatch out-of-bounds write on heap in GD - CVE-2019-9022: fix memcpy with negative length via crafted DNS response - CVE-2019-9640: fix invalid read in exifprocessSOFn - CVE-2019-11042:...

8.8CVSS7AI score0.9523EPSS
Exploits21References1
osv
osv
added 2026/04/22 6:31 p.m.10 views

GHSA-957R-R8GC-VV3H uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.8AI score0.00132EPSS
Exploits1References3
github
github
added 2026/04/22 6:31 p.m.8 views

uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.2AI score0.00132EPSS
Exploits1References3Affected Software1
attackerkb
attackerkb
added 2026/04/22 4:8 p.m.3 views

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.8AI score0.00161EPSS
Exploits0References3
osv
osv
added 2026/04/22 4:8 p.m.4 views

CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.9AI score0.00161EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2026/04/22 4:8 p.m.6 views

CVE-2026-35365 uutils coreutils mv Denial of Service and Data Duplication via Improper Symlink Expansion

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

6.6CVSS5.8AI score0.00161EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/22 4:8 p.m.5 views

CVE-2026-35351

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.8AI score0.00132EPSS
Exploits1References2
cvelist
cvelist
added 2026/04/22 4:8 p.m.33 views

CVE-2026-35351 uutils coreutils mv Silent Ownership Loss in Cross-Device Operations

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS0.00132EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.8 views

PT-2026-34501

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The mv utility improperly handles directory trees containing symbolic links when moving them across filesystem boundaries. The implementation expands symbolic links—which are pointer...

6.6CVSS6AI score0.00161EPSS
Exploits0References15
cnnvd
cnnvd
added 2026/04/22 12:0 a.m.9 views

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability arises from the mv utility failing to retain file ownership when moving between different file system boundaries. The utility reverts to th...

4.2CVSS5.8AI score0.00132EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.7 views

PT-2026-34487

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.8AI score0.00132EPSS
Exploits1References2
nessus
nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 3 : gnome-vfs2-2.16.2-10.AXS3 (AXSA:2013-42:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-42:01 advisory. GNOME VFS is the GNOME virtual file system. It is the foundation of the Nautilus file manager. It provides a modular architecture and ships with several module...

9.3CVSS6.9AI score0.08437EPSS
Exploits1References2
susecve
susecve
added 2025/12/17 12:30 a.m.5 views

SUSE CVE-2025-40362

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

7CVSS6.6AI score0.0025EPSS
Exploits0References8
euvd
euvd
added 2025/12/16 3:30 p.m.4 views

EUVD-2025-203731

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

6AI score0.0025EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2025/12/16 2:15 p.m.5 views

CVE-2025-40362

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

5.7AI score0.0025EPSS
Exploits0References10
cve
cve
added 2025/12/16 1:40 p.m.16 views

CVE-2025-40362

CVE-2025-40362 concerns the Linux kernel fix for a multifs Ceph MDS issue where the mds auth caps check could apply the wrong fs’s caps to another fs in a multifs cluster. The description specifies that an incorrect fsname/caps validation allowed a user’s read-only or read-write permissions to be...

6.2AI score0.0025EPSS
Exploits0References3
osv
osv
added 2025/12/16 1:40 p.m.6 views

CVE-2025-40362 ceph: fix multifs mds auth caps issue

In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in applying the mds auth caps of one fs on to the other fs in a multifs ceph...

6.4AI score0.0025EPSS
Exploits0References6
nessus
nessus
added 2025/12/16 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not doing so would result in...

6.1AI score0.0025EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/09/11 12:0 a.m.7 views

PT-2025-51578

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the Ceph implementation related to MultiFS MDS authentication capabilities. Specifically, the check for authentication capabilities does not validate...

4.9CVSS5.5AI score0.0025EPSS
Exploits0
cnnvd
cnnvd
added 2024/01/12 12:0 a.m.4 views

go-git path traversal vulnerability

go-git is go-git open source a pure Go written in a highly scalable git implementation of the library . A path traversal vulnerability exists in versions prior to go-git v5.11 that allows an attacker to create and modify files across file systems...

9.8CVSS6.8AI score0.01523EPSS
Exploits0References3
Rows per page
Query Builder