Max CVSS | 5.5 | Min CVSS | 5.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-28374 | 5.5 |
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c938
|
15-03-2021 - 22:04 | 13-01-2021 - 04:15 | |
CVE-2021-3139 | 5.5 |
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. Fo
|
22-01-2021 - 18:25 | 13-01-2021 - 16:15 |