CVE-2024-12088
- EPSS 0.72%
- Published 14.01.2025 18:15:25
- Last modified 12.08.2025 21:15:28
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, w...
CVE-2023-48795
- EPSS 64.06%
- Published 18.12.2023 16:15:10
- Last modified 29.09.2025 21:56:10
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2020-1712
- EPSS 0.11%
- Published 31.03.2020 17:15:26
- Last modified 21.11.2024 05:11:13
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially...