20765 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for February 2025.
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 25.0.0-IF004. Vulnerability Details CVEID:CVE-2025-8869 DESCRIPTION: When extracting a tar archive pip may not check symbolic lin...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the resolveURI function while performing directory validation when the configuration value livy.file.local-dir-whitelist is set to a non-default value. An attacker can gain unauthorized access to arbitrary...
CVE-2026-4092
CVE-2026-4092 affects Google clasp prior to 3.2.0. A path traversal in filenames within a Google Apps Script project can lead to remote code execution, enabling an attacker to write arbitrary files on the host. Affected versions:
CVE-2026-4092 Arbitrary File Write via Path Traversal in Google clasp leading to RCE
Path Traversal in Clasp impacting versions 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script project containing specially crafted filenames with directory traversal sequences...
CVE-2026-4092 Arbitrary File Write via Path Traversal in Google clasp leading to RCE
Path Traversal in Clasp impacting versions 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script project containing specially crafted filenames with directory traversal sequences...
CVE-2026-4092
Path Traversal in Clasp impacting versions 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script project containing specially crafted filenames with directory traversal sequences...
Directory Traversal
Overview magic-wormhole is a Securely transfer data between computers Affected versions of this package are vulnerable to Directory Traversal via the wormhole receive process. An attacker can overwrite arbitrary files on the local system by sending a crafted filename during file transfer. This is...
SUSE CVE-2019-25355
gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
F5 BIG-IP TMUI Remote Code Execution Vulnerability CVE-2020-5...
BIT-GITLAB-2026-3848 Improper Neutralization of CRLF Sequences ('CRLF Injection') in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input...
Security update for busybox
This update for busybox fixes the following issues: CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. CVE-2023-42364: use-after-free in the awk.c evaluate function bsc1217584. CVE-2023-42365: use-after-free in the awk.c copyvar function bsc1217585...
SUSE-SU-2026:0892-1 Security update for busybox
This update for busybox fixes the following issues: - CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. - CVE-2023-42364: use-after-free in the awk.c evaluate function bsc1217584. - CVE-2023-42365: use-after-free in the awk.c copyvar function...
CVE-2026-22199
Technical details for CVE-2026-22199 are not publicly available in the provided connected documents. Monitor for updates from the vendor and CVE feeds.