Lucene search
K

11 matches found

Mageia
Mageia
added 2026/06/12 11:28 p.m.12 views

Updated libssh packages fix security vulnerabilities

CVE-2026-0964 Improper sanitation of paths received from SCP servers CVE-2026-0965 The libssh can attempt to read non-regular files when misconfigured, which could cause resource exhaustion or blocking. CVE-2026-0966 Providing 0-length input for the sshgethexa causes 1-byte buffer underflow on...

8.2CVSS5.7AI score0.00582EPSS
Exploits0References7
OSV
OSV
added 2026/05/22 4:34 p.m.6 views

CLSA-2026-1779467653 libssh: Fix of 4 CVEs

CVE-2025-4877: prevent base64 integer overflow and potential OOB write - CVE-2025-4878: initialize stack pointers to mitigate use of uninitialized values in legacy privatekeyfromfile path - CVE-2025-8277: fix DH-GEX packet filter and free unused ephemeral / ECDH keys to prevent memory exhaustion...

4.5CVSS5.9AI score0.00375EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 6:31 p.m.10 views

GHSA-RX8H-33GR-VHJ9 uutils coreutils' comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations

The comm utility in uutils coreutils incorrectly consumes data from non-regular file inputs before performing comparison operations. The arefilesidentical function opens and reads from both input paths to compare content without first verifying if the paths refer to regular files. If an input pat...

4.4CVSS5.8AI score0.00134EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-20979

Name of the Vulnerable Software and Affected Versions libssh versions prior to 0.11.4-1.1 Description A denial of service condition can occur due to a malformed SFTP message. Recommendations Update to version 0.11.4-1.1 or later...

10CVSS6.2AI score0.00582EPSS
Exploits0References108
OSV
OSV
added 2024/08/01 6:35 a.m.5 views

USN-6940-1 snapd vulnerabilities

Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. CVE-2024-1724 Zeyad Gouda...

8.2CVSS5.7AI score0.00306EPSS
Exploits1References4
OSV
OSV
added 2024/07/25 8:15 p.m.2 views

DEBIAN-CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

6.6CVSS5.3AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/05/23 11:7 a.m.26 views

CVE-2021-47491

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

5.5CVSS6.4AI score0.0021EPSS
Exploits0References4
OSV
OSV
added 2024/05/22 9:15 a.m.2 views

DEBIAN-CVE-2021-47491

In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will collapse THP for files opened readonly and mapped with VMEXEC. The intended usecase is to avoid TLB misses for large text segments...

5.5CVSS5.8AI score0.0021EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/14 12:0 a.m.19 views

CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

6.6CVSS5.9AI score0.00212EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/14 12:0 a.m.5 views

PT-2024-6102 · Canonical +3 · Snapd +4

Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue is related to the improper checking of file types when extracting a snap. The snap format, being a squashfs file-system image, can contain non-regular files such as pipes or sockets. When...

8.2CVSS6.7AI score0.00826EPSS
Exploits2References32
OSV
OSV
added 2024/03/14 12:0 a.m.5 views

UBUNTU-CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

6.6CVSS5.8AI score0.00212EPSS
Exploits0References5
Rows per page
Query Builder