Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2026/05/26 5:39 a.m.14 views

rsync: rsync server leaks arbitrary client files

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

6.8CVSS7.1AI score0.01761EPSS
Exploits1References5
OSV
OSV
added 2025/02/07 9:56 a.m.4 views

SUSE-SU-2025:20223-1 Security update for rsync

This update for rsync fixes the following issues: - Bump protocol version to 32 - make it easier to show server is patched. - Fix FLAGGOTDIRFLIST collission with FLAGHLINKED - Security update,CVE-2024-12747, bsc1235475 race condition in handling symbolic links - Security update, fix multiple...

9.8CVSS7.3AI score0.72059EPSS
Exploits8References13
OSV
OSV
added 2025/02/04 8:59 a.m.10 views

SUSE-SU-2025:20122-1 Security update for rsync

This update for rsync fixes the following issues: - CVE-2024-12084: Fixed Heap Buffer Overflow in Checksum Parsing bsc1234100. - CVE-2024-12085: Fixed Info Leak via uninitialized Stack contents defeating ASLR bsc1234101. - CVE-2024-12086: Fixed server leaking arbitrary client files bsc1234102. -...

9.8CVSS7AI score0.72059EPSS
Exploits8References13
OSV
OSV
added 2022/08/06 5:51 a.m.2 views

GHSA-V4HR-4JPX-56GC Streamlit directory traversal vulnerability

Impact Users hosting Streamlit apps that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with...

6.5CVSS6AI score0.01292EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/09/29 12:0 a.m.4 views

OS4Ed OpenSIS 路径遍历漏洞

OS4Ed OpenSIS is OS4Ed's commercial grade, secure, scalable and intuitive student information system, school management software. With all the features to run single or multiple organizations in one installation. Web-based, php code, MySQL database. A path traversal vulnerability exists in OS4Ed...

6.5CVSS6.5AI score0.18415EPSS
Exploits2References3
CNVD
CNVD
added 2019/03/19 12:0 a.m.6 views

Ruby on Rails Arbitrary File Read Vulnerability

Ruby on Rails is a very productive, high-maintenance, easy-to-deploy Ruby on Rails Ruby on Rails is a very productive, high-maintenance, and easy-to-deploy web development framework developed using Ruby, and is one of the preferred frameworks for web application development worldwide. Ruby on Rai...

7.5CVSS7AI score0.98507EPSS
Exploits18References1
OSV
OSV
added 2018/06/14 8:29 p.m.5 views

CVE-2018-8819

An XXE issue was discovered in Automated Logic Corporation ALC WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web server OS via t...

7.5CVSS5.7AI score0.03052EPSS
Exploits2References3
Rows per page
Query Builder