Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 8:9 p.m.19 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS6.7AI score0.00378EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/10 2:35 p.m.26 views

CVE-2026-48855 SFTP READLINK Leaks Absolute Backend Filesystem Path When Root Is Configured

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

2.3CVSS0.00277EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/10 2:35 p.m.10 views

EUVD-2026-36056

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

2.3CVSS5.5AI score0.00277EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.8 views

Erlang/OTP 信息泄露漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by Node.js’s built-in APIs. Erlang/OTP versions 3.0.1 to 6.0.1, 5.5.2.1, and 5.2.11.8 have a vulnerability known as information leakage. This vulnerability stems from the SSHFXPREADLI...

6.5CVSS5.3AI score0.00277EPSS
Exploits0References1
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31613

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

8.1CVSS5.4AI score0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.32 views

CVE-2026-31613 smb: client: fix OOB reads parsing symlink error response

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

8.1CVSS0.00378EPSS
Exploits0References7
Rows per page
Query Builder