Lucene search
K

159 matches found

EUVD
EUVD
added 2026/04/22 3:31 p.m.8 views

EUVD-2026-24784

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

5.7AI score0.00433EPSS
Exploits0References7
CVE
CVE
added 2026/04/22 1:53 p.m.39 views

CVE-2026-31448

CVE-2026-31448 concerns the Linux kernel ext4 filesystem. The issue arises on mkdir/mknod when an extent insertion fails and ext4_ext_map_blocks() reclaims blocks without removing corresponding data from the extent tree, allowing the same physical block to be referenced by both directory and xatt...

9.4CVSS5.7AI score0.00433EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/22 1:53 p.m.6 views

CVE-2026-31448

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails in this example, because the file system disabled th...

5.7AI score0.00433EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the...

9.4CVSS6.7AI score0.00433EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.10 views

PT-2026-34489

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The mkdir utility incorrectly applies permissions when the -m flag is used. The utility creates a directory with umask-derived permissions typically 0755 and then changes them to the...

3.3CVSS5.9AI score0.00102EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-35353

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions typically 07...

3.3CVSS5.8AI score0.00102EPSS
Exploits0References3
OSV
OSV
added 2026/04/10 8:0 p.m.4 views

GHSA-WVHV-QCQF-F3CX goshs has a file-based ACL authorization bypass in goshs state-changing routes

Summary goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enforce the same authorization checks for state-changing routes. An unauthenticated attacker can upload files with PUT, upload files with multipart POST /upload,...

9.8CVSS6AI score0.00651EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/02/05 7:23 p.m.4 views

CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/04 7:2 p.m.9 views

EUVD-2026-5380

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/04 7:2 p.m.3 views

CVE-2026-25121 apko is vulnerable to path traversal in apko dirFS which allows filesystem writes outside base

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References2
OSV
OSV
added 2026/02/03 11:57 p.m.4 views

GHSA-5G94-C2WX-8PXW apko has a path traversal in apko dirFS which allows filesystem writes outside base

A Path Traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatted repository could create directories or symlinks outside the intended installation root. The MkdirAll, Mkdir, and Symlink...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.4 views

PT-2026-6368

A Path Traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatted repository could create directories or symlinks outside the intended installation root. The MkdirAll, Mkdir, and Symlink...

7.5CVSS5.5AI score0.00369EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-22071)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22071 advisory. - In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufscreatecontext...

5.5CVSS6.7AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992769 advisory. In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufscreatecontext Leak fixes back in 2008 missed one case - if we are tryin...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/12/10 10:42 a.m.12 views

CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

7CVSS5.8AI score0.00164EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/12/09 12:24 a.m.9 views

SUSE CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References20
EUVD
EUVD
added 2025/12/08 3:31 a.m.6 views

EUVD-2025-201638

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

5.9AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2025/12/08 1:16 a.m.7 views

CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

0.00164EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/08 12:46 a.m.26 views

CVE-2025-40307 exfat: validate cluster allocation bits of the allocation bitmap

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

0.00164EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990552)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990552 advisory. In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate -...

5.5CVSS5.9AI score0.00235EPSS
Exploits0References4
Rows per page
Query Builder