CVE-2024-12088
- EPSS 0.72%
- Veröffentlicht 14.01.2025 18:15:25
- Zuletzt bearbeitet 12.08.2025 21:15:28
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, w...
CVE-2023-48795
- EPSS 64.06%
- Veröffentlicht 18.12.2023 16:15:10
- Zuletzt bearbeitet 29.09.2025 21:56:10
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2020-1712
- EPSS 0.11%
- Veröffentlicht 31.03.2020 17:15:26
- Zuletzt bearbeitet 21.11.2024 05:11:13
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially...