Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/05/11 8:36 p.m.7 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.8 views

CVE-2024-34068

Pterodactyl wings is the server control plane for Pterodactyl Panel. An authenticated user who has access to a game server is able to bypass the previously implemented access control GHSA-6rg3-8h8x-5xfv that prevents accessing internal endpoints of the node hosting Wings in the pull endpoint. Thi...

6.4CVSS6.5AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2020/12/08 4:15 p.m.2 views

ALPINE-CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not. This function behaves incorrect...

5.9CVSS6.8AI score0.06968EPSS
Exploits3References1
FreeBSD
FreeBSD
added 2015/01/18 12:0 a.m.26 views

websvn -- information disclosure

Thijs Kinkhorst reports: James Clawson reported: "Arbitrary files with a known path can be accessed in websvn by committing a symlink to a repository and then downloading the file using the download link. An attacker must have write access to the repo, and the download option must have been enabl...

3.5CVSS6.5AI score0.00956EPSS
Exploits0References2
Kitploit
Kitploit
added 2013/11/04 3:21 a.m.148 views

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

9.8AI score
Exploits0
Rows per page
Query Builder