
15 matches found

vulnersOsv
added 2026/04/10 7:50 p.m., 6 views

pidgen2 (>=0.3.15 <=0.3.20), xrootd-utils (=0.1.0) potentially affected by unknown CVE via xrootd (>=5.2.0 <=5.8.2)

xrootd PYPI version =5.2.0, =0.3.15, =0.3.20 - xrootd-utils =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-VJ8V-P5VW-M6V5...

5.5 AI score
Exploits 0
OSV
added 2026/04/10 7:50 p.m., 2 views

GHSA-VJ8V-P5VW-M6V5 xrootd has path traversal in directory listing that allows access to the parent directory via trailing ".." pattern

Summary A path traversal vulnerability in XRootD allows users to escape the exported directory scope and enumerate the contents of the parent directory by appending /.. specifically without trailing slash to an exported path in xrdfs ls or HTTP PROPFIND requests. This bypass ignores the all.expor...

5.3 CVSS, 5.9 AI score
Exploits 0, References 4
Github Security Blog
added 2026/04/10 7:50 p.m., 5 views

xrootd has path traversal in directory listing that allows access to the parent directory via trailing ".." pattern

Summary A path traversal vulnerability in XRootD allows users to escape the exported directory scope and enumerate the contents of the parent directory by appending /.. specifically without trailing slash to an exported path in xrdfs ls or HTTP PROPFIND requests. This bypass ignores the all.expor...

5.9 AI score
Exploits 0, References 4, Affected Software 1
OpenVAS
added 2025/10/28 12:0 a.m., 6 views

Fedora: Security Advisory (FEDORA-2025-9b8c8ca077)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5 CVSS, 6.8 AI score, 0.00404 EPSS
Exploits 1, References 5
EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-1488

Malware in sbrugna...

10 CVSS, 9.4 AI score, 0.06467 EPSS
Exploits 0, References 6
Rockylinux
added 2025/03/17 8:16 p.m., 6 views

firewalld bug fix and enhancement update

An update is available for firewalld. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list firewalld is a firewall service daemon that provides a dynamic customizable...

7.2 AI score
Exploits 0
SUSE CVE
added 2023/02/15 4:35 a.m., 2 views

SUSE CVE-2017-1000215

ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...

10 CVSS, 8.9 AI score, 0.06467 EPSS
Exploits 0, References 3
Gentoo Linux
added 2019/03/14 12:0 a.m., 166 views

XRootD: Remote code execution

Background A project that aims at giving high performance, scalable, and fault tolerant access to data repositories of many kinds. Description A shell command injection was discovered in XRootD. Impact A remote attacker could execute arbitrary code. Workaround There is no known workaround at this...

10 CVSS, 3.3 AI score, 0.06467 EPSS
Exploits 0
Tenable Nessus
added 2019/03/14 12:0 a.m., 16 views

GLSA-201903-11 : XRootD: Remote code execution

The remote host is affected by the vulnerability described in GLSA-201903-11 XRootD: Remote code execution A shell command injection was discovered in XRootD. Impact : A remote attacker could execute arbitrary code. Workaround : There is no known workaround at this time. C Tenable Network Securit...

10 CVSS, 9 AI score, 0.06467 EPSS
Exploits 0, References 2
BDU FSTEC
added 2017/12/26 12:0 a.m., 4 views

The vulnerability of the XRootD file server arises from the lack of measures to clean incoming data during LDAP requests, allowing an attacker to execute arbitrary code.

The vulnerability of the XRootD file server is related to the lack of measures to sanitize input data when processing LDAP requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS, 5.9 AI score, 0.06467 EPSS
Exploits 0, References 4, Affected Software 1
CNVD
added 2017/11/22 12:0 a.m., 3 views

ROOT xrootd Command Injection Vulnerability

ROOT xrootd is a scalable data repository that features fault-tolerant access and low-latency access. A command injection vulnerability exists in ROOT xrootd 4.6.0 and earlier versions. A remote attacker can exploit this vulnerability to execute commands...

10 CVSS, 7.9 AI score, 0.06467 EPSS
Exploits 0, References 1
OSV
added 2017/11/17 8:29 p.m., 11 views

CVE-2017-1000215

ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...

9.8 CVSS, 8.4 AI score
Exploits 0, References 4
Cvelist
added 2017/11/17 8:0 p.m., 29 views

CVE-2017-1000215

ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...

10 AI score, 0.06467 EPSS
Exploits 0, References 4
Debian CVE
added 2017/11/17 8:0 p.m., 15 views

CVE-2017-1000215

ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution...

10 CVSS, 5.9 AI score, 0.06467 EPSS
Exploits 0
CVE
added 2017/11/17 8:0 p.m., 49 views

CVE-2017-1000215

CVE-2017-1000215 affects ROOT xrootd versions 4.6.0 and earlier, exposing an unauthenticated shell command injection that enables remote code execution. The vulnerability is documented across multiple advisories (NVD, SUSE, Gentoo GLSA) indicating remote code execution via a shell command injecti...

10 CVSS, 10 AI score, 0.06467 EPSS
Exploits 0, References 4, Affected Software 1