Every CVE whose affected-product data names Andrew Tridgell Rsync, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2002-0048 — CVSS 10.0 (critical): Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote…
CVE-2003-0962 — CVSS 7.5 (high): Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and…
CVE-2006-2083 — CVSS 7.5 (high): Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to…
CVE-2004-0792 — CVSS 6.4 (medium): Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows…
CVE-2004-0426 — CVSS 5.0 (medium): rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to…
CVE-1999-0473 — CVSS 2.1 (low): The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the…