Lucene search
+L

268 matches found

nessus
nessus
added 2026/07/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-44941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal in the keyhint option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository ...

8.8CVSS6AI score0.00533EPSS
Exploits1References3
osv
osv
added 2026/07/02 4:16 p.m.5 views

DEBIAN-CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS5.9AI score0.00533EPSS
Exploits1References1
nvd
nvd
added 2026/07/02 4:16 p.m.8 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS0.00533EPSS
Exploits1References2
osv
osv
added 2026/07/02 4:16 p.m.4 views

UBUNTU-CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS5.9AI score0.00533EPSS
Exploits1References4
cvelist
cvelist
added 2026/07/02 3:19 p.m.40 views

CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS0.00533EPSS
Exploits1References2
debiancve
debiancve
added 2026/07/02 3:19 p.m.8 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.8CVSS5.9AI score0.00533EPSS
Exploits1
attackerkb
attackerkb
added 2026/07/02 3:19 p.m.8 views

CVE-2026-44941

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References3
euvd
euvd
added 2026/07/02 3:19 p.m.7 views

EUVD-2026-41406

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References2
cve
cve
added 2026/07/02 3:19 p.m.54 views

CVE-2026-44941

CVE-2026-44941: libzypp path traversal via the keyhint option in repomd.xml parsing was fixed in libzypp 17.38.13. The issue allowed a malicious repository to inject/overwrite files as root due to treating keyhint as a path. The remediation is to upgrade libzypp components (and related libsolv/li...

8.8CVSS5.8AI score0.00533EPSS
Exploits1References2Affected Software1
vulnrichment
vulnrichment
added 2026/07/02 3:19 p.m.12 views

CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.8AI score0.00533EPSS
Exploits1References2
osv
osv
added 2026/07/02 3:19 p.m.5 views

CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...

8.4CVSS5.9AI score0.00533EPSS
Exploits1References5
opensuse
opensuse
added 2026/06/30 12:0 a.m.4 views

Security update for zypper, libzypp, libsolv (important)

openSUSE security update: security update for zypper, libzypp, libsolv ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21096-1 Rating: important References: bsc1239718 bsc1246504 bsc1253193 bsc1259706 bsc1259802 bsc1259842 bsc1265223 bsc1265935...

8.7CVSS6.2AI score0.006EPSS
Exploits1References12
nessus
nessus
added 2026/06/30 12:0 a.m.7 views

SUSE SLED15: libsolv-devel / libsolv-tools / libsolv-tools-base / libzypp / etc (SUSE-SU-2026:2674-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2674-1 advisory. This update for libsolv, libzypp, zypper fixes the following issues - CVE-2026-9149: Heap buffer overflow in...

8.8CVSS6.4AI score0.006EPSS
Exploits1References36
nessus
nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-25707

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to...

8.8CVSS6AI score0.006EPSS
Exploits0References3
nvd
nvd
added 2026/06/29 10:16 a.m.9 views

CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS0.006EPSS
Exploits0References2
osv
osv
added 2026/06/29 10:16 a.m.5 views

DEBIAN-CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS5.8AI score0.006EPSS
Exploits0References1
osv
osv
added 2026/06/29 10:16 a.m.4 views

UBUNTU-CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS5.8AI score0.006EPSS
Exploits0References3
cve
cve
added 2026/06/29 10:4 a.m.52 views

CVE-2026-25707

Summary of vulnerability (CVE-2026-25707) : A relative path traversal in libzypp’s repository metadata processing (prior to version 17.38.10) could allow remote repository authors to overwrite local files, potentially leading to denial of service or privilege escalation. Connected advisories indi...

8.8CVSS5.8AI score0.006EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/29 10:4 a.m.8 views

CVE-2026-25707

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS5.8AI score0.006EPSS
Exploits0References3
euvd
euvd
added 2026/06/29 10:4 a.m.7 views

EUVD-2026-40062

A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...

8.8CVSS5.8AI score0.006EPSS
Exploits0References2
Rows per page
Query Builder