Lucene search
K

12 matches found

RedHat Linux
RedHat Linux
added 4 days ago8 views

kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath

A flaw was found in the Linux kernel's CIFS Common Internet File System client. When the cifssanitizeprepath function processes specially crafted input, such as an empty string or a string containing only delimiters, it can attempt to read data beyond its allocated memory buffer. This out-of-boun...

8.8CVSS5.8AI score0.00339EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...

8.8CVSS6.1AI score0.00339EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.11 views

SUSE CVE-2026-43112

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

5.5CVSS5.8AI score0.00339EPSS
Exploits0References15
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27634

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

5.8AI score0.00339EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:40 a.m.10 views

CVE-2026-43112

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

8.8CVSS5.8AI score0.00339EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.33 views

CVE-2026-43112 fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

8.8CVSS0.00339EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cifssanitizeprepath function not properly checking pointer boundaries when dealing with empty...

8.8CVSS5.8AI score0.00339EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g....

8.8CVSS6.8AI score0.00339EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37422

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the cifs sanitize prepath function. This occurs when the function is called with an empty string or a string consisting solely of delimiters, such as "/"...

9.1CVSS7.6AI score0.00442EPSS
Exploits4References425
ATTACKERKB
ATTACKERKB
added 2026/04/21 2:22 p.m.7 views

CVE-2026-5789

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 2:22 p.m.7 views

CVE-2026-5789 Search path without quotes in CivetWeb

Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path C:\Program...

8.5CVSS6.1AI score0.00139EPSS
Exploits0References1
Prion
Prion
added 2009/10/13 10:30 a.m.13 views

Directory traversal

Directory traversal vulnerability in config/config.php in ezRecipe-Zee 91, when registerglobals is enabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the cfgprePath parameter...

6.8CVSS7.6AI score0.01896EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder