Lucene search
+L

8 matches found

osv
osv
•added 2026/06/05 3:48 p.m.•10 views

OESA-2026-2550 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

8.1CVSS5.7AI score0.0078EPSS
Exploits0References4
snyk
snyk
•added 2026/05/20 3:42 a.m.•9 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error via the establishproxyconnection function. An attacker can corrupt stack memory by sending a specially crafted HTTP proxy response line of 1023 or more bytes without a newline terminator, potentially leading to...

5.9CVSS5.8AI score0.00337EPSS
Exploits0References2
nvd
nvd
•added 2026/05/20 2:16 a.m.•14 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

3.7CVSS0.00337EPSS
Exploits0References3
cve
cve
•added 2026/05/20 12:45 a.m.•18 views

CVE-2026-45232

Rsync

3.7CVSS5.8AI score0.00337EPSS
Exploits0References3Affected Software1
euvd
euvd
•added 2026/05/20 12:45 a.m.•9 views

EUVD-2026-31009

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

3.1CVSS5.8AI score0.00337EPSS
Exploits0References3
cvelist
cvelist
•added 2026/05/20 12:45 a.m.•48 views

CVE-2026-45232 Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

3.1CVSS0.00337EPSS
Exploits0References3
debiancve
debiancve
•added 2026/05/20 12:45 a.m.•12 views

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

3.7CVSS5.8AI score0.00337EPSS
Exploits0
osv
osv
•added 2004/02/09 5:0 a.m.•3 views

DEBIAN-CVE-2004-2093

Buffer overflow in the opensocketout function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service crash and possibly execute arbitrary code via a long RSYNCPROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional...

4.6CVSS7.7AI score0.00998EPSS
Exploits0References1
Rows per page
Query Builder