Lucene search
K

3257 matches found

OSV
OSV
added 2026/05/05 10:28 a.m.11 views

CLSA-2026-1777976917 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/05 10:9 a.m.82 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 - Copy Fail - Script de detection Script Pytho...

7.8CVSS6AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/05/05 12:38 a.m.6 views

CLSA-2026-1777941528 openssh: Fix of CVE-2026-35385

CVE-2026-35385: fix scp legacy protocol receiver to clear setuid/setgid bits from downloaded files when -p preserve mode is not set...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/04 9:57 a.m.4 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2026/05/03 12:24 a.m.141 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Linux kernel local privilege esc...

7.8CVSS6.1AI score0.96267EPSS
Exploits228
Metasploit
Metasploit
added 2026/05/01 7:1 p.m.445 views

Copy Fail AF_ALG + authencesn Page-Cache Write

CVE-2026-31431 is a logic flaw in the Linux kernel's authencesn AEAD template that, when reached via the AFALG socket interface combined with splice, allows an unprivileged local user to perform a controlled 4-byte write into the page cache of any readable file. Because the corrupted pages are...

7.8CVSS7.2AI score0.96267EPSS
Exploits228
GithubExploit
GithubExploit
added 2026/05/01 4:2 p.m.88 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

This is a public Proof-of-Concept PoC for CVE-2026-31431 "Cop...

7.8CVSS6.2AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/04/30 9:57 p.m.7 views

CLSA-2026-1777586245 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp1 downloading as root in legacy mode without -p did not clear setuid/setgid bits on downloaded files. - debian/patches/CVE-2026-35385.patch: clear setuid/setgid bits from umask in sink when -p is not set - CVE-2026-35385...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 8:54 p.m.107 views

Exploit for CVE-2026-31431

CVE-2026-31431-Copy-Fail---Vulnerability-Detection-Script Dete...

7.8CVSS6.4AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/04/30 4:52 p.m.8 views

CLSA-2026-1777567965 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 4:48 p.m.6 views

CLSA-2026-1777567687 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp setuid/setgid bit handling - debian/patches/CVE-2026-35385.patch: when downloading files as root in legacy -O mode and without the -p preserve modes flag, mask out setuid/setgid bits in scp1 sink. - CVE-2026-35385...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 4:19 p.m.87 views

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...

7.8CVSS6.7AI score0.96267EPSS
Exploits228
GithubExploit
GithubExploit
added 2026/04/30 3:36 p.m.81 views

Exploit for CVE-2026-31431

Copy-Fail-CVE-2026-31431 A proof-of-concept exploit reprodu...

7.8CVSS6.4AI score0.96267EPSS
Exploits228
GithubExploit
GithubExploit
added 2026/04/30 3:18 p.m.95 views

Exploit for CVE-2026-31431

copyFail.py — CVE Exploit Analysis Report Summary copyFa...

7.8CVSS6.4AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/04/30 1:41 p.m.8 views

CLSA-2026-1777556512 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: setuid/setgid bits preserved on scp downloads without -p - debian/patches/CVE-2026-35385.patch: in legacy -O mode, OR 07000 into the saved umask in sink in scp.c so that setuid/setgid/sticky bits are stripped from received files when -p is not specified. - CVE-2026-35385...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 11:13 a.m.9 views

CLSA-2026-1777547626 openssh: Fix of CVE-2026-35385

CVE-2026-35385: clear setuid/setgid bits when downloading files as root in scp legacy -O mode without the -p flag...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/04/30 11:1 a.m.8 views

CLSA-2026-1777546896 openssh: Fix of CVE-2026-35385

CVE-2026-35385: when downloading files as root in legacy -O mode and without the -p preserve modes flag, scp1 did not clear setuid/setgid bits from downloaded files. Backport upstream commit 487e8ac1 to mask out the setuid/setgid bits in this case...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 10:20 a.m.82 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Exploit A Linux kernel page cache co...

7.8CVSS7.4AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/04/30 9:54 a.m.5 views

CLSA-2026-1777542837 Fix CVE(s): CVE-2026-35385

SECURITY UPDATE: scp setuid/setgid bit handling - debian/patches/CVE-2026-35385.patch: when downloading files as root in legacy -O mode and without the -p preserve modes flag, mask out setuid/setgid bits in scp1 sink. - CVE-2026-35385...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/30 9:43 a.m.87 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...

7.8CVSS6.4AI score0.96267EPSS
Exploits228
Rows per page
Query Builder