Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

SUSE SLES12 Security Update : libzypp (SUSE-SU-2026:2628-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2628-1 advisory. This update for libzypp fixes the following issue - CVE-2026-25707: Handcrafted repo metadata may cause arbitrary local files to be overwritten...

8.8CVSS6.1AI score0.006EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/24 8:31 p.m.31 views

CVE-2026-52811 Gogs: UploadRepoFiles writes outside repo working tree via committed parent sym

Gogs is an open source self-hosted Git service. Prior to 0.14.3, Repository.UploadRepoFiles checks for symlinks only on the leaf of the upload target osx.IsSymlinktargetPath. The siblings UpdateRepoFile, DeleteRepoFile, and GetDiffPreview use hasSymlinkInPath, which lstats every component —...

9CVSS0.00474EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-44942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal in handling the path component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by...

6.5CVSS5.9AI score0.00329EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/18 6:21 p.m.9 views

CVE-2026-44942

A flaw was found in libzypp. This path traversal vulnerability, present in the handling of the "path" component within .repo files, could allow attackers to write content to directories outside of the intended zypp cache. This unauthorized writing of data can lead to a Denial of Service DoS by...

6.5CVSS5AI score0.00329EPSS
Exploits0References5
NVD
NVD
added 2026/06/18 2:17 p.m.12 views

CVE-2026-44942

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS0.00329EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 2:17 p.m.4 views

UBUNTU-CVE-2026-44942

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS5.9AI score0.00329EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/18 9:57 a.m.19 views

CVE-2026-44942 libzypp .repo files can have an optional path which can lead to path traversal attacks

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS0.00329EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 9:57 a.m.10 views

EUVD-2026-37871

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS5.3AI score0.00329EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 9:57 a.m.33 views

CVE-2026-44942

CVE-2026-44942 affects libzypp: a path traversal in handling the "path" component of .repo files could allow writing outside the zypp cache. The issue affects the 17.x series (before 17.38.13) and before 16.22.19. OpenSUSE Tumbleweed/ SUSE advisories indicate this vulnerability is fixed in libzyp...

6.5CVSS5.3AI score0.00329EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/06/08 9:35 p.m.122 views

h1-ctf: h1-ctf writeup , finally paid the payments by chaining multiple bugs

Summary: Ultimate aim is to pay the payments of hackerone using bounty pay with no use privileges at starting. Given scope is : .bountypay.h1ctf.com Enumerated subdomains are : 1. www.bountypay.h1ctf.com 2. app.bountypay.h1ctf.com 3. staff.bountypay.h1ctf.com 4. api.bountypay.h1ctf.com 5...

7.5AI score
Exploits0
Rows per page
Query Builder