801 matches found
CVE-2026-45042
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper authorization in the UploadPartCopy operation allows copying objects across buckets without enforcing destination bucket restrictions on allowed copy sources. The implementation validates GetObject...
MINI-PH57-383V-QH32
Bulletin has no description...
MINI-27C5-26VG-QFPV
Bulletin has no description...
MINI-6586-5J6W-V45G
Bulletin has no description...
MINI-3MWR-4X5C-7Q5W
Bulletin has no description...
MINI-8M4P-F26H-PM66
Bulletin has no description...
MINI-P886-399J-3GFV
Bulletin has no description...
MINI-4M62-97XG-3FRW
Bulletin has no description...
MINI-QWV2-3G84-F95M
Bulletin has no description...
MINI-P578-78HM-CRGR
Bulletin has no description...
MINI-F9XJ-9F5R-7P4G
Bulletin has no description...
crypto/x509: Incorrect enforcement of email constraints in crypto/x509
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly...
CVE-2026-45042
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, improper authorization in the UploadPartCopy operation allows copying objects across buckets without enforcing destination bucket restrictions on allowed copy sources. The implementation validates GetObject...
CVE-2026-45042
RustFS is a distributed object storage system in Rust. Prior to 1.0.0-beta.2, the UploadPartCopy operation could copy objects across buckets without enforcing destination bucket policy on the source, because the implementation separately validates GetObject on the source and PutObject on the dest...
SUSE CVE-2026-45892
In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...
rustfs 安全漏洞
RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-beta.2 contained a security vulnerability. This vulnerability stemmed from improper authorization in the UploadPartCopy operation, allowing objects to be copied across buckets without enforci...
CVE-2026-8468
Allocation of Resources Without Limits or Throttling vulnerability in plugproject plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':readpartheaders/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on t...
MINI-329C-HF9C-6X58
Bulletin has no description...
CVE-2026-45892
CVE-2026-45892 affects the Linux kernel ext4 extent handling. The issue occurs when splitting an unwritten extent in the middle with EXT4_EXT_MAY_ZEROOUT and EXT4_EXT_DATA_VALID2, potentially leaving a stale unwritten extent in the extent status tree after maps are updated. The mitigation is a pa...
CVE-2026-45892
In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...