4 matches found
CLSA-2026-1777051205 zsh: Fix of 3 CVEs
CVE-2018-1071: check bounds when copying path in hashcmd - CVE-2018-7549: avoid crash copying empty hash table - CVE-2018-13259: fix shebang line truncation in zexecve...
PT-2026-24642
Summary The confluence download attachment MCP tool accepts a download path parameter that is written to without any directory boundary enforcement. An attacker who can call this tool and supply or access a Confluence attachment with malicious content can write arbitrary content to any path the...
SUSE-SU-2025:21077-1 Security update for curl
This update for curl fixes the following issues: - CVE-2025-9086: Fixed Out of bounds read for cookie path bsc1249191 - CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes bsc1253757 - CVE-2025-10148: Fixed predictable WebSocket mask bsc1249348 Other fixes: - tooloperate: fix...
CVE-2025-38652
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...