RHEL 8 : rsync (RHSA-2026:26408)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26408 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : rsync vulnerabilities (USN-8349-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8349-1 advisory. Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote...

RHEL 9 : rsync (RHSA-2026:20603)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20603 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

Slackware Linux 15.0 / current rsync Multiple Vulnerabilities (SSA:2026-141-02)

The version of rsync installed on the remote host is prior to 3.4.3. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-141-02 advisory. New rsync packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : rsync vulnerabilities (USN-8283-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8283-1 advisory. Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote...

USN-8283-1 rsync vulnerabilities

Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with read access to an rsync server could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.1...

Debian dla-4591 : rsync - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4591 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4591-1 [email protected]...

Rsync 安全漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync from 3.0.1 to 3.4.1 contain security vulnerabilities. These vulnerabilities stem from the use of untrusted length values in the receivexattr function during the...

Advisory ROSA-SA-2026-3181

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 unaffected versions = rsync-3.1.3-23.rv30 affected versions rsync-3.1.3-23.rv30 CVE-ID: CVE-2025-4638 BDU-ID: None CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the zlib library embedded in PointCloudLibrary PCL allows attackers to cause...

EulerOS Virtualization 2.10.1 : rsync (EulerOS-SA-2026-1145)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destinati...

MiracleLinux 9 : rsync-3.2.5-3.el9 (AXSA:2025-10080:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10080:08 advisory. rsync: Path traversal vulnerability in rsync CVE-2024-12087 rsync: --safe-links option bypass leads to path traversal CVE-2024-12088 rsync: Race...

EUVD-2007-4075

Malware in sbrugna...

EUVD-2014-9327

Malware in sbrugna...

NewStart CGSL MAIN 7.02 : rsync Multiple Vulnerabilities (NS-SA-2025-0152)

The remote NewStart CGSL host, running version MAIN 7.02, has rsync packages installed that are affected by multiple vulnerabilities: - A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server...

Alibaba Cloud Linux 3 : 0042: rsync (ALINUX3-SA-2025:0042)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0042 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-12087: A path traversal...

RHEL 9 : rsync (RHSA-2025:7050)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:7050 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because...

EulerOS 2.0 SP10 : rsync (EulerOS-SA-2025-1536)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from th...

EulerOS 2.0 SP10 : rsync (EulerOS-SA-2025-1537)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from th...

EulerOS 2.0 SP12 : rsync (EulerOS-SA-2025-1437)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from th...

Advisory ROSA-SA-2025-2818

Software: rsync 3.1.3 OS: ROSA Virtualization 3.0 packageevrstring: rsync-3.1.3-21.rv30 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync file transfer and synchronization utilit...