157 matches found
Advisory ROSA-SA-2026-3301
Component: libconfuse 3.3 Operating System: ROSA-CHROME Unaffected versions: = libconfuse-3.3-3 Affected versions: libconfuse-3.3-3 CVE-ID: CVE-2022-40320 BDU-ID: 2022-05795 CVE-Crit: LOW CVE-DESC.: The vulnerability in the cfgtildeexpand function of the configuration file parser library libConfu...
Astra Linux - уязвимость в glibc
A use-after-free vulnerability introduced in the glibc upstream version 2.14 was identified in the way the tilde expansion was performed. Directory paths that contained a tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a special...
Astra Linux - уязвимость в curl
There is a path traversal vulnerability in the 8.0.0 SFTP implementation of curl. This vulnerability causes the tilde character to be incorrectly replaced when used as a prefix in the first path element. Additionally, the tilde is intended to be used as the first element to indicate a path relati...
JLSEC-2026-406
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
MiracleLinux 4 : glibc-2.12-1.212.AXS4 (AXSA:2018-3156:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3156:01 advisory. glibc: Buffer overflow in glob with GLOBTILDE CVE-2017-15670 glibc: Buffer overflow during unescaping of user names with the operator CVE-2017-15804...
CVE-2025-46294
To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This...
CVE-2025-46294
The CVE describes a vulnerability in FileMaker Server relating to IIS short filename enumeration (8.3) that could enable information disclosure. Affected: FileMaker Server, prior to/including version 22.0.4; remediation is addressed in 22.0.4 with an option to disable 8.3 name creation. Root caus...
Siemens SIMATIC S7-1500 Improper Limitation of a Pathname to a Restricted Directory (CVE-2023-27534)
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...
EUVD-2017-2959
Malware in sbrugna...
EUVD-2007-6129
Malware in sbrugna...
EUVD-2020-12583
Malware in sbrugna...
EUVD-2007-6130
Malware in sbrugna...
EUVD-2002-1907
Malware in sbrugna...
EUVD-2017-2960
Malware in sbrugna...
EUVD-2017-2958
Malware in sbrugna...
EUVD-2006-1504
Malware in sbrugna...
EUVD-2017-2961
Malware in sbrugna...
EUVD-2007-6128
Malware in sbrugna...
CLSA-2024-1711562558 curl: Fix of 3 CVEs
Moved tuxcare patches from 7.29.0-59.1.tuxcare.els2 - CVE-2023-38546: cookie: remove unnecessary struct fields - CVE-2022-27782: check additional TLS or SSH connection parameters that should have prohibited connection reuse - CVE-2023-27534: fix SFTP path '' resolving discrepancy - fix read off...
curl: SFTP path ~ resolving discrepancy
A path traversal vulnerability exists in curl 8.0.0 SFTP implementation causes the tilde character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can...