20535 matches found
UBUNTU-CVE-2026-42257
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
CVE-2026-42605 AzuraCast: Path Traversal in `currentDirectory` Parameter Enables Remote Code Execution via Media Upload
AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem...
CVE-2026-42605 AzuraCast: Path Traversal in `currentDirectory` Parameter Enables Remote Code Execution via Media Upload
AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem...
CVE-2026-42605
AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem...
EUVD-2026-28936
AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem...
CVE-2026-42605
AzuraCast (prior to 0.23.6) has a path traversal remote code execution flaw in the media upload flow. The currentDirectory parameter in FlowUploadAction is not sanitized, allowing an authenticated user with media permissions to place files outside the station media directory when using local file...
CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
CVE-2026-42257
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
EUVD-2026-28926
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
CVE-2026-42257
CVE-2026-42257 affects the Ruby Net::IMAP library where, prior to versions 0.4.24, 0.5.14, and 0.6.4, several IMAP commands accept a raw string argument sent to the server without validation or escaping. If derived from user input, this can include CRLF sequences and allow injection of arbitrary ...
CVE-2026-42257
Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...
Security Bulletin: Multiple Vulnerabilities in watsonx.data
Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 patch 2 version, which were present in different version from watson.data 2.2 to watsonx.dat 2.3 Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017332)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017332 advisory. An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The striptags method and striptags template filter are subject to a...
Directory Traversal
Overview SharpCompress is a compression library for NET Standard 2.0/2.1/NET 5.0 that can unrar, decompress 7zip, decompress xz, zip/unzip, tar/untar lzip/unlzip, bzip2/unbzip2 and gzip/ungzip with forward-only reading and file random access APIs. Affected versions of this package are vulnerable ...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in validatefilepath in viewcomponentssystemtestcontroller.rb, which is accessible via the system test entrypoint. An attacker with access to this endpoint, which is mounted in Rails.env.test?, can read files in a...
Arbitrary File Upload
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Arbitrary File Upload via the storedoc process. An attacker can write arbitrary files to locations outside the intended upload directory by supplying crafted filenames containing path traversal sequences in t...
Directory Traversal
Overview dash-uploader is an Upload large files using resumable.js Affected versions of this package are vulnerable to Directory Traversal via improper validation of user-supplied input in the gettemproot and post functions. An attacker can gain unauthorized access to files and execute arbitrary...
Directory Traversal
Overview potato-annotation is an A flexible, stand-alone, web-based platform for text annotation tasks Affected versions of this package are vulnerable to Directory Traversal via the validatepathsecurity function. An attacker can gain unauthorized access to files outside the intended project...
SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE
Summary The kernel stores Attribute View AV / database names without any HTML escape, then a render template uses raw strings.ReplaceAlltpl, "$avName", nodeAvName to embed the name in HTML before pushing to all clients via WebSocket. Three independent client paths render.ts:120 → outerHTML,...