35 matches found
Astra Linux - vulnerability in rsync
A flaw was discovered in rsync that can be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length, causing a comparison between a checksum and uninitialized memory, and resulting in the leakage of one byte of uninitialized stack data ...
rsync: rsync server leaks arbitrary client files
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
JLSEC-2025-327 A flaw was found in rsync
A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...
JLSEC-2025-324 A flaw was found in rsync which could be triggered when rsync compares file checksums
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
EUVD-2024-51084
Malicious code in bioql PyPI...
EUVD-2024-50582
Malicious code in bioql PyPI...
EUVD-2024-50581
Malicious code in bioql PyPI...
EUVD-2024-50584
Malicious code in bioql PyPI...
[Important] [Security] CVE Fixes (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5 and VzLinux 7.9
This update fixes the vulnerabilities in sudo, rsync, and microcode_ctl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes fixes applied to Virtuozzo guest tools for Windows. The new packages are available for Virtuozzo Hybrid Server 7.5 and VzLinu...
[Important] [Security] Fixes for vulnerabilities in sudo, rsync, and microcode_ctl (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5
This update fixes the vulnerabilities in sudo, rsync, and microcode_ctl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes a fix for NetKVM drivers that caused some Windows virtual machines to crash. Vulnerability id: CVE-2025-32462 A privilege...
[Important] [Security] Fixes for vulnerabilities in sudo, rsync, and microcode_ctl (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5
This update resolves the vulnerabilities in sudo, rsync, and microcode_ctl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes a fix for NetKVM drivers that caused some Windows virtual machines to crash. Vulnerability id: CVE-2025-32462 A privilege...
rsync: --safe-links option bypass leads to path traversal
A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...
Linux Distros Unpatched Vulnerability : CVE-2024-12088
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server...
Linux Distros Unpatched Vulnerability : CVE-2024-12747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering...
rsync: Info Leak via Uninitialized Stack Contents
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
rsync: Info Leak via Uninitialized Stack Contents
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2024-12086
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
CVE-2024-12086
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
CVE-2024-12086
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
CVE-2024-12088
A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...