20723 matches found
PT-2026-34511
A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes to string lossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...
PT-2026-34513
A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S split-string option. In GNU env, backslashes within single quotes are treated literally with the exceptions of and '. However, the uutils implementation incorrectl...
PT-2026-34502
The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows...
PT-2026-34553
EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controlled name and scope values and pass them into template path construction without normalization or traversal filtering. As a result, an...
PT-2026-34597
Name of the Vulnerable Software and Affected Versions ci4ms affected versions not specified Description An issue exists in the restore action of the backup module where user-uploaded ZIP archives are extracted without validating entry names. This allows an authenticated backend user with backup...
PT-2026-34624
Name of the Vulnerable Software and Affected Versions i18next-http-middleware versions prior to 3.9.3 Description The software writes user-controlled language values into the 'Content-Language' response header using an HTML-entity encoder that fails to strip carriage return, line feed, or other...
PT-2026-34581
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
PT-2026-34615
Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions prior to 0.6.0 Description The software allows attacker-controlled comment content to be serialized into XML without validating or neutralizing...
PT-2026-34617
Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions prior to 0.6.0 Description The package serializes DocumentType node fields internalSubset, publicId, and systemId verbatim without escaping or...
PT-2026-34618
Name of the Vulnerable Software and Affected Versions @xmldom/xmldom versions prior to 0.8.13 @xmldom/xmldom versions prior to 0.9.10 xmldom versions 0.6.0 and earlier Description The software allows attacker-controlled processing instruction PI data to be serialized into XML without validating o...
Linux Distros Unpatched Vulnerability : CVE-2026-35346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses...
Linux Distros Unpatched Vulnerability : CVE-2026-35375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : NTFS-3G vulnerabilities (USN-8192-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8192-1 advisory. Jeffrey Bencteux discovered that NTFS-3G incorrectly handled certain UTF-8 sequences. An attacker could use this issue to cause NTFS-...
Linux Distros Unpatched Vulnerability : CVE-2026-35377
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S split-string option. In GN...
Linux Distros Unpatched Vulnerability : CVE-2026-40611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Let's Encrypt client and ACME library written in Go Lego. Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to arbitrary file write...
Linux Distros Unpatched Vulnerability : CVE-2026-35366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in...
CVE-2026-41062
WWBN AVideo is an open source video platform. In versions 29.0 and below, the directory traversal fix introduced in commit 2375eb5e0 for objects/aVideoEncoderReceiveImage.json.php only checks the URL path component via parseurl$url, PHPURLPATH for .. sequences. However, the downstream function...
CVE-2026-41058
WWBN AVideo is an open source video platform. In versions 29.0 and below, the incomplete fix for AVideo's CloneSite deleteDump parameter does not apply path traversal filtering, allowing unlink of arbitrary files via ../../ sequences in the GET parameter. Commit...
CVE-2026-41062
Summary: WWBN AVideo
CVE-2026-41062 WWBN/AVideo has an incomplete fix for a directory traversal bypass via query string in ReceiveImage downloadURL parameters
WWBN AVideo is an open source video platform. In versions 29.0 and below, the directory traversal fix introduced in commit 2375eb5e0 for objects/aVideoEncoderReceiveImage.json.php only checks the URL path component via parseurl$url, PHPURLPATH for .. sequences. However, the downstream function...