24 matches found
AutoDFBench 1.0: A Benchmarking Framework for Digital Forensic Tool Testing and Generated Code Evaluation
The National Institute of Standards and Technology NIST Computer Forensic Tool Testing CFTT programme has become the de facto standard for providing digital forensic tool testing and validation. However to date, no comprehensive framework exists to automate benchmarking across the diverse forensi...
SUSE CVE-2025-2424
Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation...
Exposure of Sensitive Information Through Metadata
Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...
Exposure of Sensitive Information Through Metadata
Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...
Exposure of Sensitive Information Through Metadata
Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...
Exposure of Sensitive Information Through Metadata
Overview Affected versions of this package are vulnerable to Exposure of Sensitive Information Through Metadata when executing the UpdateChannelBookmark function, due to improper handling of user permissions. By creating a bookmark referencing a deleted file, an attacker can expose metadata from...
CVE-2025-2424 Leaked Metadata of Deleted Files via Bookmark Creation
Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata of the files via bookmark creation...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that stems from not checking if a file has been deleted, which can be exploited by an attacker to cause a file metadata disclosure...
CVE-2024-36383
Vulnerability summary: Logpoint SAML Authentication before 6.0.3 is affected by an issue where an attacker can place a crafted filename in the state field of a SAML SSO URL response, leading to deletion of the corresponding file and a SAML login outage. This affects Logpoint SAML Authentication p...
CVE-2023-5368 msdosfs data disclosure
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes. This may permit a user with write access to files on a msdosfs filesystem to re...
PT-2023-32071 · Msdosfs +1 · Msdosfs +1
Name of the Vulnerable Software and Affected Versions: msdosfs affected versions not specified Description: The issue arises when the 'truncate' or 'ftruncate' system calls are used on an msdosfs filesystem under certain circumstances. Instead of populating the additional space in the file with...
SUSE CVE-2012-4508
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...
DEBIAN-CVE-2022-29973
relan exFAT 1.3.0 allows local users to obtain sensitive information data from deleted files in the filesystem in certain situations involving offsets beyond ValidDataLength...
Information Disclosure
Linux kernel is vulnerable to information disclosure. A race condition in fs/ext4/extents.c when using ext4 file system allows a local unprivileged user to retrieve confidential information from a deleted file whose data blocks have not yet been written...
emlog 5.3.1 any deleted file-2
No description provided by source...
MGASA-2016-0305 Updated mediawiki packages fix security vulnerability
Check read permission when loading page content in ApiParse CVE-2016-6331 Make blocks log users out if $wgBlockDisablesLogin is true CVE-2016-6332 Make $wgBlockDisablesLogin also restrict logged in permissions CVE-2016-6332 Require login to preview user CSS pages CVE-2016-6333 Escape '' in inline...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: CVE-2013-0871: Race condition in the ptrace functionality in the Linux kernel allowed local users to gain privileges via a PTRACESETREGS ptrace system call in a crafted application, as demonstrated by ptracedeath. CVE-2013-0160...
CVE-2012-4508
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...
DEBIAN-CVE-2012-4508
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...
Race condition
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized...