Lucene search
K

91 matches found

OSV
OSV
added 2026/04/17 1:0 p.m.12 views

OESA-2026-1929 libcap security update

This is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access t...

7CVSS5.7AI score0.00188EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/04/12 11:24 p.m.5 views

SUSE CVE-2026-35206

Helm is a package manager for Charts for Kubernetes. In Helm versions =3.20.1 and =4.1.3, a specially crafted Chart will cause helm pull --untar chart URL | repo/chartname to write the Chart's contents to the immediate output directory as defaulted to the current working directory; or as given by...

4.4CVSS5.8AI score0.00199EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/11 9:26 a.m.6 views

SUSE CVE-2026-4878

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

7CVSS5.7AI score0.00188EPSS
Exploits1References14
EUVD
EUVD
added 2026/04/09 2:49 p.m.3 views

EUVD-2026-20910

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

6.7CVSS5.8AI score0.00188EPSS
Exploits1References3
CVE
CVE
added 2026/04/09 2:49 p.m.87 views

CVE-2026-4878

CVE-2026-4878 is a libcap TOCTOU race condition in cap_set_file() that could let a local attacker with write access to a parent directory inject or strip capabilities from executables, enabling privilege escalation. The connected advisories cite a fix in libcap (openSUSE openSUSE-SU-2026:20613-1;...

7CVSS5.8AI score0.00188EPSS
Exploits1References40Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:51 p.m.7 views

CVE-2026-35454

The Code Extension Marketplace is an open-source alternative to the VS Code Marketplace. Prior to 2.4.2, Zip Slip vulnerability in coder/code-marketplace allowed a malicious VSIX file to write arbitrary files outside the extension directory. ExtractZip passed raw zip entry names to a callback tha...

8.7CVSS6.1AI score0.00343EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.4 views

PT-2026-31625

Name of the Vulnerable Software and Affected Versions libcap affected versions not specified Description A flaw exists in libcap where a local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the cap set file function. This allows an attacker with write access...

7CVSS5.8AI score0.00188EPSS
Exploits1References168
NVD
NVD
added 2026/03/31 3:16 p.m.4 views

CVE-2026-34165

go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a...

5CVSS0.00147EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/17 8:33 a.m.44 views

CVE-2026-1323 Insecure Deserialization in extension "Mailqueue" (mailqueue)

The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...

5.2CVSS0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/06 7:51 a.m.6 views

CVE-2026-26033

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Unquoted Search Path or Element CWE-428 vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges...

8.4CVSS6.9AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/05 2:24 a.m.7 views

CVE-2026-26033

UPS Multi-UPS Management Console MUMC version 01.06.0001 A03 contains an Unquoted Search Path or Element CWE-428 vulnerability, which allows a user with write access to a directory on the system drive to execute arbitrary code with SYSTEM privileges...

8.4CVSS6.3AI score0.0018EPSS
Exploits0References3
CVE
CVE
added 2026/02/13 6:10 p.m.13 views

CVE-2026-21878

The vulnerability CVE-2026-21878 affects BACnet Stack (open source C library) prior to version 1.5.0.rc3, due to lack of validation of user-provided file paths in the file-writing functionality. Affected code paths include apps/readfile/main.c and ports/posix/bacfile-posix.c. The issue allows wri...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/03 8:49 p.m.35 views

CVE-2026-24053 Cluade Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...

7.7CVSS0.00464EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the warning from kernelwriteiter 2110.972290 ------------ Cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch does not allow writing to directories...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000717 advisory. The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service prevention of file creation by...

4CVSS5.3AI score0.00858EPSS
Exploits1References13
Cvelist
Cvelist
added 2026/01/09 2:24 a.m.31 views

CVE-2025-66315 ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability

There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory...

4.3CVSS0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 2:24 a.m.4 views

CVE-2025-66315 ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability

There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific directory...

4.3CVSS6.6AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 4:16 p.m.5 views

CVE-2025-34416

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIPO.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

7.8CVSS6.2AI score
Exploits0References3
Cvelist
Cvelist
added 2025/12/10 4:8 p.m.47 views

CVE-2025-34424 MailEnable < 10.54 DLL Hijacking via Unsafe Loading of MEAIDP.DLL

MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIDP.DLL from its installation directory without sufficient integrity validation or a secure search order. A...

8.5CVSS0.00147EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/12/01 1:3 p.m.6 views

CVE-2025-49642

Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...

5.8CVSS5.2AI score0.00103EPSS
Exploits0
Rows per page
Query Builder