Lucene search
+L

63 matches found

cve
cve
added 2026/07/07 3:15 a.m.14 views

CVE-2026-42143

Coolify prior to 4.0.0-beta.471 is affected by an OS Command Injection via user-controlled persistent volume names that are interpolated into shell commands on managed servers without escaping/validation. An authenticated user could inject shell metacharacters through volume operations and execut...

8.8CVSS6AI score0.00435EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/07 3:5 a.m.31 views

CVE-2026-34168 Coolify: Command injection via unsanitized persistent storage name in docker volume commands

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument escaping, allowing an authenticated user to set a...

8.8CVSS0.00403EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/07/07 3:5 a.m.6 views

CVE-2026-34168

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument escaping, allowing an authenticated user to set a...

8.8CVSS6AI score0.00403EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/07/07 3:5 a.m.4 views

CVE-2026-34168 Coolify: Command injection via unsanitized persistent storage name in docker volume commands

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument escaping, allowing an authenticated user to set a...

8.8CVSS6AI score0.00403EPSS
Exploits0References5
euvd
euvd
added 2026/03/21 3:33 p.m.7 views

EUVD-2019-19880

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
nvd
nvd
added 2026/03/21 1:16 p.m.6 views

CVE-2019-25566

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS0.00183EPSS
Exploits1References4
cvelist
cvelist
added 2026/03/21 12:47 p.m.26 views

CVE-2019-25566 TransMac 12.3 Denial of Service via Volume Name Field

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS0.00183EPSS
Exploits1References4
attackerkb
attackerkb
added 2026/03/21 12:47 p.m.4 views

CVE-2019-25566

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4Affected Software1
cve
cve
added 2026/03/21 12:47 p.m.19 views

CVE-2019-25566

TransMac 12.3 is affected by a local denial-of-service vulnerability: a buffer overflow in the volume name field can crash the app when a long string is used (e.g., 1000 repeated characters during disk image creation). The connected CVE records confirm the issue and its impact as described; there...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4Affected Software1
vulnrichment
vulnrichment
added 2026/03/21 12:47 p.m.1 views

CVE-2019-25566 TransMac 12.3 Denial of Service via Volume Name Field

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
cnnvd
cnnvd
added 2026/03/21 12:0 a.m.9 views

Acute Systems TransMac 缓冲区错误漏洞

Acute Systems TransMac is a tool software developed by Acute Systems that allows access and management of Mac disks and file systems on Windows systems. Version 12.3 of Acute Systems TransMac contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the volume name...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/03/21 12:0 a.m.8 views

PT-2026-26911

TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during di...

6.9CVSS6.1AI score0.00183EPSS
Exploits1References5
astralinux
astralinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grubfsmount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...

7.8CVSS6.7AI score0.002EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/10/14 2:0 p.m.8 views

CVE-2025-22831 Buffer Overflow in NTFS when parsing the VOLUME_NAME

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...

5.8CVSS6.6AI score0.0014EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/14 2:0 p.m.13 views

CVE-2025-22831 Buffer Overflow in NTFS when parsing the VOLUME_NAME

APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...

5.8CVSS0.0014EPSS
Exploits0References1
cve
cve
added 2025/10/14 2:0 p.m.12 views

CVE-2025-22831

CVE-2025-22831 affects AMI AptioV BIOS. The vulnerability is a local, in-BIOS Out-of-bounds Write that can be triggered by an attacker with local access, causing data corruption and loss of availability. Exploitation details are not provided in the supplied documents; no patch/version remediation...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References1Affected Software1
mscve
mscve
added 2025/09/04 2:36 p.m.5 views

Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)

...

7.8CVSS7AI score0.002EPSS
Exploits0
nessus
nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-42257

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostrpad for svolumename As with the other strings in struct ext4superblock,...

7.8CVSS5.1AI score0.00202EPSS
Exploits0References2
osv
osv
added 2025/03/14 3:47 p.m.4 views

OESA-2025-1292 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2 where the grubextcmddispatcher function calls grubarglistalloc to allocate memory for the...

7.8CVSS8.2AI score0.00673EPSS
Exploits1References14
osv
osv
added 2025/03/03 5:15 p.m.2 views

DEBIAN-CVE-2024-45782

A flaw was found in the HFS filesystem. When reading an HFS volume's name at grubfsmount, the HFS filesystem driver performs a strcpy using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer,...

7.8CVSS6.5AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder