Lucene search

37 matches found

RedHat Linux
added 3 days ago | 7 views

Important: Red Hat Security Advisory: mariadb:10.11 security, bug fix, and enhancement update

An update for the mariadb:10.11 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

10 CVSS | 6.3 AI score | 0.00998 EPSS
Exploits 0 | References 4
OSV
added 2026/06/25 10:34 p.m. | 5 views

GO-2026-5458 File Browser has incorrect access control for public directory shares via rule path rebasing in github.com/filebrowser/filebrowser

File Browser has incorrect access control for public directory shares via rule path rebasing in github.com/filebrowser/filebrowser...

7.5 CVSS | 5.8 AI score | 0.00471 EPSS
Exploits 0 | References 3
Cvelist
added 2026/06/25 5:43 p.m. | 28 views

CVE-2026-54091 File Browser: Incorrect access control in public directory shares via rule path rebasing

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths agains...

7.5 CVSS | 0.00471 EPSS
Exploits 0 | References 3
CVE
added 2026/06/25 5:43 p.m. | 28 views

CVE-2026-54091

CVE-2026-54091 : File Browser public shares allow information disclosure due to incorrect access control when rebasing the owner’s filesystem root for public share paths. Before 2.63.6, the public share handler sets d.user.Fs to a BasePathFs rooted at the shared directory and then checks access w...

7.5 CVSS | 5.9 AI score | 0.00471 EPSS
Exploits 0 | References 3
Github Security Blog
added 2026/06/12 9:53 p.m. | 12 views

File Browser has incorrect access control for public directory shares via rule path rebasing

Summary File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths against the owner's global and per-user rules using the rebased relative path instead of the original path relative to the owner's scope. As a result, a...

7.5 CVSS | 5.5 AI score | 0.00471 EPSS
Exploits 0 | References 4 | Affected Software 2
OSV
added 2026/06/12 9:53 p.m. | 7 views

GHSA-J9JX-HP4C-GHHH File Browser has incorrect access control for public directory shares via rule path rebasing

Summary File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths against the owner's global and per-user rules using the rebased relative path instead of the original path relative to the owner's scope. As a result, a...

7.5 CVSS | 5.6 AI score | 0.00471 EPSS
Exploits 0 | References 4
Positive Technologies
added 2026/06/12 12:00 a.m. | 19 views

PT-2026-49064

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.63.6 Description Public share handlers rebase the share owner's filesystem root to the shared directory and evaluate descendant paths against global and per-user rules using the rebased relative path instead of...

7.5 CVSS | 5.9 AI score | 0.00471 EPSS
Exploits 0 | References 6
OSV
added 2025/09/06 8:45 a.m. | 5 views

CLSA-2025-1757148344 Update of kernel

Rebased FIPS patches to 5.14.0-570.35.1...

5.8 AI score
Exploits 0 | References 1
Oracle linux
added 2025/06/24 12:00 a.m. | 5 views

mod_proxy_cluster security update

1.3.22-1.el96.1 - Resolves: RHEL-81070 Rebase modproxycluster to upstream 1.3.22.Final release 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag - Related: RHEL-27497 - Rebase to upstream 1.3.20.Final release...

5.4 CVSS | 7.3 AI score | 0.0026 EPSS
Exploits 0
Oracle linux
added 2025/05/22 12:00 a.m. | 19 views

php:8.2 security update

php 8.2.28-1 - rebase to 8.2.28 8.2.25-1 - rebase to 8.2.25 RHEL-65837 8.2.13-1 - rebase to 8.2.13 RHEL-14699 - add %phpize and %phpconfig macros - move httpd/nginx wants directives to config files in /etc - php-fpm.conf: move include directive after global section following upstream example,...

6.3 CVSS | 6.6 AI score | 0.02286 EPSS
Exploits 5
Vulnrichment
added 2024/07/16 5:37 p.m. | 19 views

CVE-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action

JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...

9.9 CVSS | 7 AI score | 0.01024 EPSS
Exploits 3 | References 2
Oracle linux
added 2024/05/24 12:00 a.m. | 54 views

virt:ol and virt-devel:rhel security and enhancement update

hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX corresponding to ol 1:1.44.0-9 - Fix...

7 CVSS | 8.3 AI score | 0.01848 EPSS
Exploits 2
Code423n4
added 2023/12/20 12:00 a.m. | 51 views

Fee-on-transfer/rebasing tokens will have problems when swapping

Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result in funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...

7.1 AI score
Exploits 0
Code423n4
added 2023/12/20 12:00 a.m. | 20 views

Fee-on-transfer/rebasing tokens will have problems when swapping

Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result in funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...

7.1 AI score
Exploits 0
Code423n4
added 2023/12/12 12:00 a.m. | 17 views

Fee-on-transfer/rebasing tokens will have problems when swapping

Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result in funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...

7.1 AI score
Exploits 0
Code423n4
added 2023/02/12 12:00 a.m. | 18 views

Upgraded Q -> 2 from #293 [1676241639792]

Judge has assessed an item in Issue 293 as 2 risk. The relevant finding follows: 01 USER CAN POSSIBLY TRANSFER NO token0 OR token1 TO TimeswapV2Option CONTRACT IF CORRESPONDING token0 OR token1 IS A REBASING TOKEN When calling the following TimeswapV2Option.mint function, msg.sender uses the...

6.8 AI score
Exploits 0
Code423n4
added 2023/02/07 12:00 a.m. | 8 views

MultiRewardEscrow.claimRewards() can break for rebasing tokens

Lines of code Vulnerability details Rebasing tokens make balanceOf modifications arbitrarily e.g: Aave share tokens. If such token is used in an escrow, the balance could become insufficient at the time of claiming rewards, making it impossible to claim rewards for that escrow. Impact Medium Proo...

6.7 AI score
Exploits 0
Code423n4
added 2022/12/12 12:00 a.m. | 8 views

Incompatibility With Rebasing/Deflationary/Inflationary tokens

Lines of code Vulnerability details Impact The Maverick AMM does not appear to support rebasing/deflationary/inflationary tokens whose balance changes during transfers or over time. The necessary checks include at least verifying the amount of tokens transferred to contracts before and after the...

7 AI score
Exploits 0
Code423n4
added 2022/11/10 12:00 a.m. | 7 views

Logic in SpigotLib will not work with rebasing tokens

Lines of code Vulnerability details Proof of Concept Some tokens may make arbitrary balance modifications outside of transfers e.g. Ampleforth style rebasing tokens, Compound style airdrops of governance tokens, mintable / burnable tokens. The code in the claimEscrow function uses a previously...

7.1 AI score
Exploits 0
Code423n4
added 2022/11/08 12:00 a.m. | 7 views

Rebasing tokens as Base tokens for the auction could be stuck in the contract or mean loss of funds for the last person to withdraw

Lines of code Vulnerability details Impact Use of rebasing tokens is not checked and could result in stuck funds, inability to cancel an Auction or withdraw due amounts of base token for the last one to call withdraw Proof of Concept If a rebasing token is used for the base token the balance held...

6.7 AI score
Exploits 0