528 matches found
CVE-2026-44711 pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...
CVE-2026-44711
The CVE concerns the pam_usb project for Linux. Affected: pam_usb versions prior to 0.8.7. Root cause: symlink attacks on the pad directory and pad files. Impact: authentication bypass and potential root file corruption. The issue is fixed in version 0.8.7. There is no explicit exploitation statu...
CVE-2026-44711 pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...
CVE-2026-44711
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...
pam_usb 授权问题漏洞
pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have a vulnerability related to authorization issues. This vulnerability stems from symbolic link attacks involving the pad directory and pad files,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: The abort logic in btrfsreplacefileextents has been fixed. Error injection testing revealed a case where a corrupt file system could occur, with an absent extent in the middle of a file. This occurs because the if statemen...
BIT-JRE-2022-34169 Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
PT-2026-37959
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
CVE-2026-27693
Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes device names to XML output without proper escaping. An attacker with low privileges can create a device with a crafted name that injects XML...
GHSA-5368-6H4H-GR29 Spring Boot's PID file write follows symlinks at predictable default path
When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...
CVE-2026-40977
When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...
VMware Spring Boot 后置链接漏洞
VMware Spring Boot is an open-source framework developed by the American company VMware. Vulnerabilities exist in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from issues with PID files and symbol...
CVE-2026-40977
When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...
CVE-2026-33028 Nginx UI: Race Condition Leads to Persistent Data Corruption and Service Collapse
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, the nginx-ui application is vulnerable to a Race Condition. Due to the complete absence of synchronization mechanisms Mutex and non-atomic file writes, concurrent requests lead to the severe corruption of the prima...
CVE-2026-25636
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
CVE-2026-25636
Calibre CVE-2026-25636 is a path-traversal vulnerability in EPUB conversion that, in 9.1.0 and earlier, allows a malicious EPUB to cause arbitrary files writable by the Calibre process to be corrupted by resolving CipherReference URIs from META-INF/encryption.xml to absolute paths outside the ext...
CVE-2026-25636 calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
CVE-2026-25636 calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
CVE-2026-25636 calibre has a Path Traversal Leading to Arbitrary File Corruption and Code Execution
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Filelock vulnerabilities (USN-7999-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7999-1 advisory. It was discovered that Filelock incorrectly handled symlinks in temp files. A local attacker could possibly use this...