CVE-2026-32761

CVE-2026-32761 affects the File Browser project (versions 2.61.0 and earlier). The issue is a permission enforcement bypass in the public share download flow: users with perm.share=true but perm.download=false can exfiltrate file contents by creating a public share link and accessing /api/public/...

MiracleLinux 8 : libsoup-2.62.3-7.el8_10 (AXSA:2025-9617:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9617:02 advisory. libsoup: buffer overflow via UTF-8 conversion in soupheaderparseparamliststrict CVE-2024-52531 Tenable has extracted the preceding description block directly...

PT-2025-32656 · Siemens · Sicam Q100 +1

Name of the Vulnerable Software and Affected Versions: POWER METER SICAM Q100 versions 2.60 through 2.61 POWER METER SICAM Q200 versions 2.70 through 2.79 Description: Affected devices export the password for the SMTP account as plain text in the configuration file. This could allow an...

CVE-2024-29069

In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...

CVE-2024-29068

In snapd versions prior to 2.62, snapd failed to properly check the file type when extracting a snap. The snap format is a squashfs file-system image and so can contain files that are non-regular files such as pipes or sockets etc. Various file entries within the snap squashfs image such as icons...

DEBIAN-CVE-2024-1724

In snapd versions prior to 2.62, when using AppArmor for enforcement of sandbox permissions, snapd failed to restrict writes to the $HOME/bin path. In Ubuntu, when this path exists, it is automatically added to the users PATH. An attacker who could convince a user to install a malicious snap whic...

PT-2024-6091 · Snapd +4 · Snapd +4

Name of the Vulnerable Software and Affected Versions: snapd versions prior to 2.62 Description: The issue is related to the improper checking of symbolic link destinations when extracting a snap. This could allow an attacker to convince a user to install a malicious snap, which in turn could cau...

[SECURITY] [DLA 1124-1] dnsmasq security update

Package : dnsmasq Version : 2.62-3+deb7u4 CVE ID : CVE-2017-14491 CVE-2017-14492 CVE-2017-14494 Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron Bowes and Gynvael Coldwind of the Google Security Team discovered several vulnerabilities in dnsmasq, a small caching DNS proxy and...

DSA-3251-1 dnsmasq - security update

Bulletin has no description...

MiraksGalerie Multiple Remote File Include Vulnerabilities

miraksgalerie容易多偏远档案-包括脆弱性.这些问题都因未能妥善消毒的应用用户提供投入.攻击者可以利用一个任意偏远这些问题包括含有恶意PHP的档案资讯代码和执行方面的Web服务进程.这可能允许攻击者妥协的应用和基本制度; 其他攻击也是可能. mirakmiraksgalerie2.62 目前我们不知道有任何卖方供应贴片一下. 如果你觉得我们都知道,在最近的错误或资料,请邮件:[email protected]:[email protected] html head meta http-equiv="Content-Type"...