21421 matches found
CVE-2026-39847
Emmett is a full-stack Python web framework designed with simplicity. From 2.5.0 to before 2.8.1, the RSGI static handler for Emmett's internal assets /emmett paths is vulnerable to path traversal attacks. An attacker can use ../ sequences eg /emmett/../rsgi/handlers.py to read arbitrary files...
CVE-2026-39387
BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are vulnerable to a critical Local File Inclusion LFI attack via the tpl parameter, which can lead to Remote Code Execution RCE.The application fails to...
CVE-2026-44522
Note Mark is an open-source note-taking application. From 0.13.0 to before 0.19.4, the Note Mark application allows authenticated users to upload assets to notes via POST /api/notes/noteID/assets, where the asset filename is provided through the X-Name HTTP request header. This value is stored...
CVE-2026-8134
Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include arbitrary readable file...
CVE-2020-37219
Joomla comfabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbitrary files by manipulating the folder parameter. Attackers can send GET requests to the onAjaxfiles method with path traversal sequences to enumerate files in system directories...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the cluster-admin:backup-datastore component. The user-controlled input of the filePath argument to the BackupDatastoreCommand passes its value into the fileName parameter of a ObjectOutputStream invocations, whic...
Directory Traversal
Overview ait-core is a NASA JPL's Ground Data System toolkit for Instrument and CubeSat Missions Affected versions of this package are vulnerable to Directory Traversal in the StreamCaptureManagerServer process when handling unauthenticated HTTP POST requests to the /NAME/start endpoint. An...
Directory Traversal
Overview nocodb is a NocoDB Affected versions of this package are vulnerable to Directory Traversal in the process that handles SQLite source filenames. An attacker can gain unauthorized access to or modify internal application data by supplying a crafted filename that points to arbitrary files...
OESA-2026-2578 ruby security update
Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text Files and perform system management tasks such as Perl. Security Fixes: Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior ...
OESA-2026-2571 gvfs security update
Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...
OESA-2026-2570 gvfs security update
Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...
GHSA-C66C-VQ6W-FVH5 Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic
Summary managementServer.CreateSchematic internal/backend/grpc/schematics.go passes the caller-controlled TalosVersion field directly to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf"/version/%s/overlays/official", talosVersion path template. url.URL.JoinPath...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the CreateSchematic process. An attacker can access unintended server paths and obtain internal error responses by supplying crafted input to the talosVersion parameter containing directory traversal...
Omni: Operator can traverse image-factory API paths via unsanitized `talos_version` in CreateSchematic
Summary managementServer.CreateSchematic internal/backend/grpc/schematics.go passes the caller-controlled TalosVersion field directly to imageFactoryClient.OverlaysVersions, which embeds it verbatim into a fmt.Sprintf"/version/%s/overlays/official", talosVersion path template. url.URL.JoinPath...
SUSE-SU-2026:22081-1 Security update for perl-XML-LibXML
This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715...
OPENSUSE-SU-2026:20908-1 Security update for perl-XML-LibXML
This update for perl-XML-LibXML fixes the following issue - CVE-2026-8177: read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences bsc1264715...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios. CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042,...
Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.319 Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the...
BIT-AIRFLOW-2026-40861 Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler
A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...
MOLOT System Card: Malicious Operational Logic Observation Transformer
MOLOT Malicious Operational Logic Observation Transformer is a static malicious-code detection system designed for SAST setup where package metadata, maintainer history, and dynamic execution traces may be unavailable or unreliable. The system represents source code as behavior sequences derived...