51 matches found
[SECURITY] Fedora 43 Update: glow-2.1.2-1.fc43
Glow is a terminal based markdown reader designed from the ground up to bring out the beauty=E2=80=94and power=E2=80=94of the CLI. Use it to discover mark down files, read documentation directly on the command line. Glow will find local markdown files in subdirectories or a local Git repository...
CVE-2025-69428
An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories...
PT-2026-35514
CVE-2025-69428 An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdirectories. https://t.co/JqzY6tQLxL...
CVE-2026-33748
A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized...
CLSA-2026-1773224214 nfs-utils: Fix of CVE-2025-12801
CVE-2025-12801: fix rpc.mountd privilege escalation allowing NFSv3 clients to bypass rootsquash and allsquash when mounting subdirectories...
Red Hat Enterprise Linux 10 安全漏洞
Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. Red Hat Enterprise Linux 10 has a security vulnerability, which stems from an issue with the rpc.mountd daemon’s permissions. This vulnerability may allow NFSv3 clients to access...
SUSE CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
CVE-2026-23144 mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
UBUNTU-CVE-2023-53355
In the Linux kernel, the following vulnerability has been resolved: staging: pi433: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instea...
copyparty: Sharing a single file does not fully restrict access to other files in source folder
There was a missing permission-check in the shares feature the shr global-option. When a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. It was not possible to descend into subdirectories in this manner;...
CVE-2025-24916
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default...
Ensure That the Sticky Bit Is Set for Globally Writable Directories
The sticky bit of a common file is ignored by the kernel. The sticky bit shows up as the execute permission flag of a directory and is indicated with t. If the sticky bit set is for a directory, a user who is not root or the directory owner cannot delete files or directories in the directory,...
CVE-2025-24915
When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location...
Arbitrary File Read/Write
github.com/projectdiscovery/interactsh is vulnerable to Arbitrary File Read/Write. The vulnerability is due to improper smb server restrictions which allows an attacker to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login...
Measuresoft ScadaPro 访问控制错误漏洞
Measuresoft ScadaPro Server is a powerful real-time data acquisition software package from Measuresoft Ireland. It provides monitoring, data logging, simulation development and report generation. An Access Control Error vulnerability exists in Measuresoft ScadaPro version 6.9.0.0, which stems fro...
CVE-2022-4417
The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 9.3.3 does not properly block access to the REST API users endpoint when the blog is in a subdirectory, which could allow attackers to bypass the restriction in place and list users...
PT-2022-25745 · Buildah +1 · Buildah +1
Name of the Vulnerable Software and Affected Versions: Buildah affected versions not specified Description: A flaw was found in Buildah, where incorrect absolute path traversal may disclose the local path and the lowest subdirectory, resulting in an impact to confidentiality. Recommendations: At...