Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/06/24 4:29 p.m.32 views

CVE-2026-53049 gfs2: add some missing log locking

In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...

9.8CVSS0.00509EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/02/13 5:34 p.m.17 views

CVE-2025-24889 Path traversal in sd-log Qubes virtual machine

The SecureDrop Client is a desktop application for journalists to communicate with sources and work with submissions on the SecureDrop Workstation. Prior to versions 0.14.1 and 1.0.1, an attacker who has already gained code execution in a virtual machine on the SecureDrop Workstation could gain...

4.5CVSS0.00195EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.3 views

SecureDrop 路径遍历漏洞

SecureDrop is an open source whistleblower submission system from the Freedom of the Press Foundation. It can be used by media organizations to securely accept documents from and communicate with anonymous sources. A path traversal vulnerability existed prior to SecureDrop version 0.14.1, which...

4.5CVSS7.2AI score0.00195EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.8 views

PT-2025-7042 · Unknown +1 · Securedrop Client +2

Name of the Vulnerable Software and Affected Versions: SecureDrop Client versions prior to 0.14.1 and 1.0.1 Description: The issue allows an attacker who has already gained code execution in a virtual machine on the SecureDrop Workstation to gain code execution in the sd-log virtual machine by...

4.5CVSS7.7AI score0.00195EPSS
Exploits0References6
Rows per page
Query Builder