17 matches found
GHSA-886Q-F44J-H6WH SillyTavern has a Path Traversal issue
Summary POST /api/extensions/delete endpoint accepts extensionName: "." which bypasses sanitize-filename validation, causing the entire user extensions directory to be recursively deleted. No authentication is required in the default configuration. Affected File src/endpoints/extensions.js last...
Security update for libssh
This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...
SUSE-SU-2026:1565-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. - CVE-2026-0966: buffer underflow in...
SUSE SLES12 Security Update : libssh (SUSE-SU-2026:1344-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1344-1 advisory. - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path travers...
SUSE-SU-2026:1344-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path traversal in sshscppullrequest bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected...
CLSA-2026-1774007374 libssh: Fix of CVE-2026-3731
CVE-2026-3731: Validate idx and add bounds checks; prevent out-of-bounds read in SFTP Extension Name Handler via manipulated idx...
SUSE-SU-2026:0936-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler bsc1259377...
CLSA-2026-1773931583 libssh: Fix of CVE-2026-3731
CVE-2026-3731: fix off-by-one in sftpextensionsgetname/sftpextensionsgetdata...
SUSE-SU-2026:20767-1 Security update for libssh
This update for libssh fixes the following issue: - CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP extension name handler bsc1259377...
SUSE CVE-2026-3731
A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...
AZL-79544 CVE-2026-3731 affecting package libssh 0.10.6-5
A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...
CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds
A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...
EUVD-2021-24018
Malware in sbrugna...
CVE-2021-37453
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the extension name stored...
CVE-2021-37453
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the extension name stored...
CVE-2021-37453
Cross Site Scripting XSS exists in NCH Axon PBX v2.22 and earlier via the extension name stored...
V-CMS PHP File Upload and Execute
This module exploits a vulnerability found on V-CMS's inline image upload feature. The problem is due to the inlineimageupload.php file not checking the file type before saving it on the web server. This allows any malicious user to upload a script such as PHP without authentication, and then...