116 matches found
CVE-2026-46492
creationtimestamp| type| source ---|---|--- 2026-05-14 19:57:57+00:00| published-proof-of-concept| https://github.com/commenthol/md-fileserver/security/advisories/GHSA-32q2-hhr5-6qvv...
Improper Neutralization of Equivalent Special Elements
Overview github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver is a fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements in matcher.go, when matching filenam...
WeKan 访问控制错误漏洞
WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan 8.20 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from improper handling of files in the “Fileserver/methods/fixDuplicateLists.js” component by the...
EUVD-2012-4528
Malware in sbrugna...
EUVD-2016-10573
Malware in sbrugna...
EUVD-2009-2539
Malware in sbrugna...
EUVD-2020-1326
Malware in sbrugna...
EUVD-2024-33419
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-3088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an...
ClearML < 1.16.0 Unauthenticated File Access
According to its banner, the version of ClearML running on the remote host is 1.16.0. It is, therefore, affected by an Unauthenticated File Access due to the lack of authentication of the fileserver component. Note that the scanner has not tested for these issues but has instead relied only on th...
[SECURITY] [DLA 4168-1] openafs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4168-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz May 17, 2025 https://wiki.debian.org/LTS -...
Linux Distros Unpatched Vulnerability : CVE-2024-10396
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and...
copyparty renders unsanitized filenames as HTML when user uploads empty files
Summary A DOM-Based XSS was discovered in copyparty, a portable fileserver. The vulnerability is considered low-risk. Details By handing someone a maliciously-named file, and then tricking them into dragging the file into copyparty's Web-UI, an attacker could execute arbitrary javascript with the...
MGASA-2025-0013 Updated openafs packages fix security vulnerabilities
A local user can bypass the OpenAFS PAG Process Authentication Group throttling mechanism in Unix client. CVE-2024-10394 An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash. CVE-2024-10396 A malicious server can crash the OpenAFS cac...
[SECURITY] [DSA 5842-1] openafs security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5842-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2025 https://www.debian.org/security/faq -...
CVE-2024-10396
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to...
DEBIAN-CVE-2024-10396
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to...
CVE-2024-10396
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to...
CVE-2024-10396 Fileserver crash and possible information leak on StoreACL/FetchACL
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to...
CVE-2024-10396
CVE-2024-10396 affects the OpenAFS fileserver. A malformed ACL provided to the StoreACL RPC can crash the fileserver and may expose uninitialized memory or store garbage data in the audit log; malformed ACLs in FetchACL RPC responses can crash client processes and leak memory into other ACLs on t...