CVE-2026-42445 NanaZip: Uncontrolled recursion in NanaZip UFS directory traversal causes stack exhaustion

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

PT-2026-40359

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

Astra Linux - уязвимость в shadow

Shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory trees...

UBUNTU-CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

CVE-2026-35365

The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the implementation expands them, copying the linked targets as real files or directories at the destination. This can lead to...

[SECURITY] Fedora 42 Update: vgrep-2.8.0-4.fc42

vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations, and allows for opening the indexed file locations in a user-specified editor such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but extended to perform further operations such as listing statistics of...

[SECURITY] Fedora 41 Update: vgrep-2.8.0-4.fc41

vgrep is a pager for grep, git-grep, ripgrep and similar grep implementations, and allows for opening the indexed file locations in a user-specified editor such as vim or emacs. vgrep is inspired by the ancient cgvg scripts but extended to perform further operations such as listing statistics of...

SUSE SLES15 Security Update : shadow (SUSE-SU-2024:2648-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2648-1 advisory. - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845. Tenable has extracted the preceding description...

SUSE-SU-2024:2659-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

SUSE-SU-2024:2658-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

SUSE-SU-2024:2657-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

SUSE-SU-2024:2648-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

SUSE-SU-2024:2630-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845...

SUSE SLES12 Security Update : shadow (SUSE-SU-2024:2603-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2603-1 advisory. - CVE-2013-4235: Fixed a race condition when copying and removing directory trees bsc916845. Tenable has extracted the preceding description...

OESA-2023-1849 shadow security update

Tools for managing accounts and shadow password files. Security Fixes: shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory treesCVE-2013-4235...

Debian: Security Advisory (DLA-3533-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2012-5630

libuser 0.56 and 0.57 has a TOCTOU time-of-check time-of-use race condition when copying and removing directory trees...

MGASA-2022-0455 Updated shadowutils packages fix security vulnerability

shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory trees. CVE-2013-4235...

CLSA-2022-1670260858 Fix CVE(s): CVE-2013-4235

SECURITY UPDATE: Race condition when copying and removing directory trees - debian/patches/CVE-2013-4235.patch: fix races in chowntree, removetree and copytree - CVE-2013-4235...