13 matches found

Rockylinux
added 3 days ago | 9 views

container-tools:rhel8 security, bug fix, and enhancement update

An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...

7.5 CVSS | 6.8 AI score | 0.00728 EPSS
Exploits 0

EUVD
added 2026/06/17 6:11 p.m. | 13 views

EUVD-2026-36728

Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...

7.5 CVSS | 5.2 AI score | 0.00278 EPSS
Exploits 0 | References 3

CVE
added 2026/06/15 2:23 p.m. | 57 views

CVE-2026-5038

MULTER CVE-2026-5038 affects multer’s diskStorage: versions 2.0.0-alpha.1–2.1.1 and 3.0.0-alpha.1 are vulnerable. The root cause is that Readable.pipe() does not propagate the stream destroy signal to the underlying fs.WriteStream, allowing aborted or malformed multipart uploads to leave orphaned...

7.5 CVSS | 5.3 AI score | 0.00278 EPSS
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2026/06/15 2:23 p.m. | 34 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3 CVSS | 0.00278 EPSS
Exploits 0 | References 2

Vulnrichment
added 2026/06/15 2:23 p.m. | 7 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3 CVSS | 5.4 AI score | 0.00278 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/06/15 12:00 a.m. | 10 views

PT-2026-49242

Name of the Vulnerable Software and Affected Versions: multer versions 2.0.0-alpha.1 through 2.1.1; multer version 3.0.0-alpha.1. Description: A Denial of Service issue exists when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe...

7.5 CVSS | 5.3 AI score | 0.00278 EPSS
Exploits 0 | References 9

EUVD
added 2026/06/13 12:34 a.m. | 10 views

EUVD-2026-36628

Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated URLs, allowing unauthorized retrieval of user-uploaded content...

5.3 CVSS | 5.2 AI score | 0.00183 EPSS
Exploits 0 | References 3

Positive Technologies
added 2026/06/12 12:00 a.m. | 9 views

PT-2026-49044

Name of the Vulnerable Software and Affected Versions: Capgo versions prior to 12.128.2. Description: The software fails to delete previously uploaded profile images from backend storage when users replace or remove them. This results in orphaned image files that can be accessed by attackers through...

5.3 CVSS | 5.2 AI score | 0.00183 EPSS
Exploits 0 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-7908

Malware in sbrugna...

6.5 CVSS | 6.8 AI score | 0.01157 EPSS
Exploits 1 | References 3

OpenVAS
added 2019/03/18 12:00 a.m. | 8 views

Linux: Orphaned files or directories

If any unowned file or directory exists on the host and a new user is created, it could happen that the user gets the same UID as the unowned file or directory. This user automatically becomes the owner of such files or directories. This script tests if any orphaned file or directory exists on the...

7.3 AI score
Exploits 0 | References 4

Prion
added 2018/10/03 4:29 p.m. | 29 views

Design/Logic Flaw

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Orphaned Upload Files Exposure...

4 CVSS | 6.2 AI score | 0.01157 EPSS
Exploits 1 | References 2 | Affected Software 1

FreeBSD
added 2018/08/28 12:00 a.m. | 302 views

Gitlab -- multiple vulnerabilities

Gitlab reports: Persistent XSS in Pipeline Tooltip; GitLab.com GCP Endpoints Exposure; Persistent XSS in Merge Request Changes View; Sensitive Data Disclosure in Sidekiq Logs; Missing CSRF in System Hooks; Orphaned Upload Files Exposure; Missing Authorization Control API Repository Storage...

0.8 AI score
Exploits 0 | References 1

OSV
added 2015/12/07 2:22 p.m. | 8 views

SUSE-SU-2015:2219-1 Security update for openstack-nova

This update for openstack-nova provides various fixes and improvements:
- Fix regression where launched instances in tenants not visible for other users. bsc927625
- Remove error messages from multipath command output before parsing. bsc949529
- Fix live-migration usage of the wrong connector...

6.8 CVSS | 4.8 AI score | 0.0367 EPSS
Exploits 0 | References 11