Lucene search
+L

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.10 views

CVE-2026-43419

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...

5.8AI score0.00122EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.2 views

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2025-2326)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject...

8.2CVSS6.3AI score0.01185EPSS
Exploits0References2
OSV
OSV
added 2024/11/19 8:36 p.m.15 views

GHSA-HRXH-9W67-G4CV Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

tl;dr: unprivileged user creates a symlink to /etc/sudoers, /etc/shadow or similar and waits for a privileged user or process to copy/backup/mirror users data using --links and --metadata. unprivileged user now owns /etc/sudoers. Summary Insecure handling of symlinks with --links and --metadata i...

5.5CVSS5.7AI score0.00214EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/15 5:15 p.m.26 views

CVE-2024-52522 Rclone Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target...

5.4CVSS0.00214EPSS
Exploits0References2
Rows per page
Query Builder