
6 matches found

RedhatCVE
added 2026/06/09 2:59 p.m., 10 views

CVE-2026-49233

Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...

CVSS 8.3 | AI score 5.4 | EPSS 0.00433
Exploits: 0 | References: 1

Github Security Blog
added 2026/06/08 3:33 p.m., 8 views

Routinator has cache path traversal when processing the module component of rsync URIs

Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...

CVSS 8.3 | AI score 5.2 | EPSS 0.00433
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2026/06/08 3:16 p.m., 12 views

CVE-2026-49233

Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...

CVSS 8.3 | EPSS 0.00433
Exploits: 0 | References: 1

Positive Technologies
added 2026/06/08 12:00 a.m., 11 views

PT-2026-47302

Name of the Vulnerable Software and Affected Versions: Routinator (affected versions not specified). Description: Routinator fails to properly validate the module component of rsync URIs used to generate file system paths for its cache. This lack of validation enables path traversal if a module name...

CVSS 8.3 | AI score 5.4 | EPSS 0.00433
Exploits: 0 | References: 8

Tenable Nessus
added 2026/02/05 12:00 a.m., 7 views

Amazon Linux 2 : rsync, --advisory ALAS2-2026-3157 (ALAS-2026-3157)

The version of rsync installed on the remote host is prior to 3.1.2-11. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3157 advisory. A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a...

CVSS 4.3 | AI score 5.5 | EPSS 0.00283
Exploits: 0 | References: 4

Gitee
added 2025/09/14 6:33 p.m., 77 views

PocCollect

This repository is an offensive tool for vulnerability scanning and exploitation, specifically targeting various web applications and services. The primary vulnerability class targeted is SQL injection, with specific examples of exploits for Struts2, 08CMS, and ASPCMS. The tool is written in Pyth...

AI score 7.7
Exploits: 0