
17 matches found

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2019-16826

Malware in sbrugna...

CVSS 5.9, AI score 5.9, EPSS 0.00829
Exploits 1, References 10

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2019-11471

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.00059
Exploits 1, References 4

OSV
added 2021/04/23 10:53 p.m., 11 views

MGASA-2021-0196 Updated krb5-appl packages fix security vulnerabilities

An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned only directory traversa...

CVSS 7.5, AI score 6.2, EPSS 0.00522
Exploits 2, References 3

RedhatCVE
added 2021/02/10 5:35 p.m., 45 views

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

CVSS 7.5, AI score 4.3, EPSS 0.03377
Exploits 2, References 4

NVD
added 2021/02/02 6:15 p.m., 28 views

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

CVSS 7.5, EPSS 0.00059
Exploits 1, References 1

OSV
added 2021/02/02 6:15 p.m., 36 views

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

CVSS 7.5, AI score 7
Exploits 0, References 1

Prion
added 2021/02/02 6:15 p.m., 33 views

Design/Logic Flaw

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

CVSS 5, AI score 6.1, EPSS 0.03377
Exploits 2, References 1, Affected Software 1

CVE
added 2021/02/02 5:23 p.m., 91 views

CVE-2019-25018

Technical details for CVE-2019-25018 are not present in the provided documents. No affected product/version or impact is detailed beyond the Initial Description. Monitor for updates.

CVSS 7.5, AI score 6.4, EPSS 0.00059
Exploits 1, References 1, Affected Software 1

Cvelist
added 2021/02/02 5:23 p.m., 36 views

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

AI score 6.5, EPSS 0.00059
Exploits 1, References 1

CNNVD
added 2021/02/02 12:0 a.m., 1 view

MIT Kerberos Security Vulnerability

MIT Kerberos is a Massachusetts Institute of Technology MIT software for authentication in network clusters. Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications through a key system. A security vulnerability in...

CVSS 5.9, AI score 6.4, EPSS 0.00522
Exploits 1, References 4

CNVD
added 2019/02/14 12:0 a.m., 1 view

NetKit Privilege Permission and Access Control Vulnerabilities

NetKit is a network environment simulation system. A security vulnerability exists in the rcp.c file of the rcp client in NetKit 0.17 and earlier versions. An attacker can exploit the vulnerability to bypass access with the help of . or an empty filename to bypass access restrictions...

CVSS 5.9, AI score 6.8, EPSS 0.00829
Exploits 1, References 1

Prion
added 2019/01/31 6:29 p.m., 34 views

Design/Logic Flaw

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

CVSS 4.3, AI score 6, EPSS 0.03377
Exploits 1, References 6, Affected Software 3

UbuntuCve
added 2019/01/31 6:29 p.m., 29 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

CVSS 5.9, AI score 6.6, EPSS 0.00829
Exploits 1, References 4

OSV
added 2019/01/31 6:29 p.m., 13 views

CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

CVSS 7.4, AI score 6.4
Exploits 0, References 3

OSV
added 2019/01/31 6:29 p.m., 12 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

CVSS 5.9, AI score 6.2
Exploits 0, References 6

Debian CVE
added 2019/01/31 6:0 p.m., 43 views

CVE-2019-7282

In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685...

CVSS 5.9, AI score 6.9, EPSS 0.00829
Exploits 1

Positive Technologies
added 2019/01/26 12:0 a.m., 1 view

PT-2019-6235 · Netkit · Netkit

Name of the Vulnerable Software and Affected Versions: NetKit versions through 0.17
Description: The issue allows a malicious rsh server or a Man-in-The-Middle attacker to overwrite arbitrary files in a directory on the rcp client machine due to the rcp client only performing cursory validation o...

CVSS 8.8, AI score 6, EPSS 0.00829
Exploits 2, References 28