Lucene search
K

159 matches found

Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.6 views

PT-2025-15242 · Unknown · Pcman Ftp Server

Name of the Vulnerable Software and Affected Versions: PCMan FTP Server version 2.0.7 Description: A critical issue was found in the MKDIR Command Handler component, affecting an unknown function, which leads to a buffer overflow. This issue can be exploited remotely. Recommendations: For PCMan F...

9.8CVSS7.2AI score0.00658EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.4 views

PCMan FTP Server 安全漏洞

PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that originates from MKDIR Command Handler failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a denial of service...

9.8CVSS7.1AI score0.00658EPSS
Exploits1References4
OSV
OSV
added 2024/09/18 7:15 a.m.13 views

AZL-49389 CVE-2024-46721 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix possible NULL pointer dereference profile-parent-dentsAAFSPROFDIR could be NULL only if its parent is made from createmissingancestors.. and 'ent-old' is NULL in aareplaceprofiles... In that case, it must return an...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References1
OSV
OSV
added 2024/09/03 7:15 p.m.14 views

AZL-48581 CVE-2024-45310 affecting package kubernetes 1.28.4-25

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

3.6CVSS7AI score0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/17 8:54 a.m.21 views

CVE-2024-42273 f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid

In the Linux kernel, the following vulnerability has been resolved: f2fs: assign CURSEGALLDATAATGC if blkaddr is valid mkdir /mnt/test/comp f2fsio setflags compression /mnt/test/comp dd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1 truncate --size 13 /mnt/test/comp/testfile In the above...

0.00222EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.3 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/06/21 3:52 a.m.4 views

SUSE CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

3.3CVSS5.8AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2024/06/19 3:15 p.m.5 views

UBUNTU-CVE-2021-47579

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/06/19 2:53 p.m.22 views

CVE-2021-47579 ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

6.6AI score0.00235EPSS
Exploits0References5
CVE
CVE
added 2024/06/19 2:53 p.m.158 views

CVE-2021-47579

Mode C: CVE-2021-47579 affects the Linux kernel overlayfs component (ovl) with a WARN_ON path in ovl_workdir_create() when mkdir returns a dentry without an inode (not instantiated). The fix, described in the connected advisories, calls ovl_mkdir_real() directly from ovl_workdir_create() and reje...

5.5CVSS6.5AI score0.00235EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2024/06/19 2:53 p.m.28 views

CVE-2021-47579 ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

0.00235EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.8 views

Fedora: Security Advisory for rust-uu_mkdir (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OSV
OSV
added 2024/05/14 10:33 a.m.69 views

BIT-PYTHON-2024-4030

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

7.1CVSS7.1AI score0.003EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2024/05/07 9:2 p.m.26 views

CVE-2024-4030 tempfile.mkdtemp() may be readable and writeable by all users on Windows

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

6.8AI score0.003EPSS
Exploits0References15
OSV
OSV
added 2024/05/03 3:15 a.m.3 views

CVE-2023-40499

LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.1CVSS6AI score0.01998EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.5 views

kernel: ovl: fix warning in ovl_create_real()

In the Linux kernel, the following vulnerability has been resolved: ovl: fix warning in ovlcreatereal Syzbot triggered the following warning in ovlworkdircreate - ovlcreatereal: if !err && WARNON!newdentry-dinode The reason is that the cgroup2 filesystem returns from mkdir without instantiating t...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References5
NVD
NVD
added 2023/09/27 3:19 p.m.23 views

CVE-2023-42657

In WSFTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations delete, rename, rmdir, mkdir on files and folders outside of their authorized WSFTP folder path. Attackers could also...

9.9CVSS9.5AI score0.17025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/28 12:0 a.m.17 views

openSUSE 15 Security Update : guile1, lilypond (openSUSE-SU-2023:0137-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0137-1 advisory. - The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other...

8.6CVSS7.2AI score0.02788EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-8605

The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. Th...

5.3CVSS6.7AI score0.02788EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/02/13 12:0 a.m.5 views

WordPress plugin WP Customer Area 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS6.9AI score0.00276EPSS
Exploits1References2
Rows per page
Query Builder