7 matches found

AstraLinux · added last week · 6 views

Astra Linux – Vulnerability in squashfs-tools

The squashfsopendir function in unsquash-2.c within Squashfs-Tools 4.5 enables Directory Traversal, another vulnerability distinct from CVE-2021-40153. A squashfs filesystem that includes a symbolic link, along with files under the same filename, can cause unsquashfs to first create the symbolic...

CVSS 8.1 · AI score 6.7 · EPSS 0.02136 · Exploits: 1 · References: 2
Tenable Nessus · added 2026/06/01 12:00 a.m. · 10 views

Debian dla-4610 : git-lfs - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4610 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/...

CVSS 8.6 · AI score 7.1 · EPSS 0.00707 · Exploits: 0 · References: 4
Cvelist · added 2026/05/20 12:48 p.m. · 42 views

CVE-2026-29518 Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside the intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...

CVSS 7.3 · EPSS 0.00141 · Exploits: 0 · References: 4
RedhatCVE · added 2026/01/26 9:17 p.m. · 8 views

CVE-2026-23986

Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions, which would require passing the --UNSAFE / --trust flag. As it...

CVSS 7.1 · AI score 6 · EPSS 0.00224 · Exploits: 1 · References: 1
Tenable Nessus · added 2025/12/22 12:00 a.m. · 6 views

RHEL 10 : ruby (RHSA-2025:23927)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23927 advisory. Ruby is an extensible, interpreted, object-oriented scripting language. It has features to process text files and to perform system...

CVSS 8.6 · AI score 7.2 · EPSS 0.00707 · Exploits: 0 · References: 9
OSV · added 2023/02/22 8:11 p.m. · 4 views

CLSA-2023-1677096675 Fix of 5 CVEs

SECURITY UPDATE: out-of-bounds write caused by integer overflow - debian/patches/CVE-2022-41903.patch: use 'size_t' instead of 'int' to track the string lengths and so allow 2GB input sizes. - CVE-2022-41903 - t-mark-submodule-clean-test-as-known-failure.patch: mark submodule clean test as known...

CVSS 9.8 · AI score 7.5 · EPSS 0.44268 · Exploits: 5 · References: 1
Positive Technologies · added 2019/12/11 12:00 a.m. · 5 views

PT-2019-1105 · Npm +6 · Npm Cli +6

Name of the vulnerable software and affected versions: npm CLI versions prior to 6.13.3. Description: the issue exists due to incorrect restriction of the path name to a directory with limited access. Exploitation may allow a remote attacker to write arbitrary files by creating a symbolic link to...

CVSS 9.8 · AI score 7.4 · EPSS 0.57132 · Exploits: 2 · References: 104