
21004 matches found

Snyk
added 2025/11/24 11:31 p.m., 1 view

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

CVSS: 9.8, AI score: 6.8
Exploits: 0, References: 2

Snyk
added 2025/11/24 11:31 p.m., 2 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

CVSS: 9.8, AI score: 6.8
Exploits: 0, References: 2

Snyk
added 2025/11/24 11:31 p.m., 0 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

CVSS: 9.8, AI score: 6.8
Exploits: 0, References: 2

Snyk
added 2025/11/24 11:31 p.m., 2 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

CVSS: 9.8, AI score: 6.8
Exploits: 0, References: 2

RedhatCVE
added 2025/11/24 9:33 p.m., 11 views

CVE-2025-34320

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly validate or canonicalize input path segments. This allows unauthenticated directory traversal sequences to cause the server to read arbitrary system files accessible to the account running the service...

CVSS: 9.3, AI score: 7.3, EPSS: 0.00705
Exploits: 0, References: 1

EUVD
added 2025/11/24 3:30 p.m., 4 views

EUVD-2025-198810

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

CVSS: 5.3, AI score: 6.4, EPSS: 0.00651
Exploits: 0, References: 2

NVD
added 2025/11/24 3:15 p.m., 4 views

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

CVSS: 5.3, EPSS: 0.00651
Exploits: 0, References: 2

OSV
added 2025/11/24 3:15 p.m., 3 views

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

CVSS: 5.3, AI score: 6.9
Exploits: 0, References: 2

The Hacker News
added 2025/11/24 3:3 p.m., 6 views

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects "allow attackers to bypass authentication, perform path traversal, achieve...

CVSS: 9.8, AI score: 8.7, EPSS: 0.28309
Exploits: 3

Cvelist
added 2025/11/24 2:40 p.m., 8 views

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

EPSS: 0.00651
Exploits: 0, References: 2

Vulnrichment
added 2025/11/24 2:40 p.m., 3 views

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

AI score: 6.5, EPSS: 0.00651
Exploits: 0, References: 2

CVE
added 2025/11/24 2:40 p.m., 21 views

CVE-2025-12972

CVE-2025-12972 affects Fluent Bit, specifically the out_file plugin. When the File option is omitted, untrusted tag input is used to build output file paths, and tags containing path traversal sequences can cause files to be written outside the intended directory. This may enable unauthorized fil...

CVSS: 5.3, AI score: 6.5, EPSS: 0.00651
Exploits: 0, References: 2, Affected Software: 1

SUSE Linux
added 2025/11/24 7:56 a.m., 11 views

Security update for tomcat

This update for tomcat fixes the following issues: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 CVE-2025-61795: Fixed denial of...

CVSS: 7.7, AI score: 7.1, EPSS: 0.66535
Exploits: 4, References: 12

OSV
added 2025/11/24 7:56 a.m., 6 views

SUSE-SU-2025:4184-1 Security update for tomcat

This update for tomcat fixes the following issues: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 - CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905 - CVE-2025-61795: Fixed denial o...

CVSS: 9.6, AI score: 8.8, EPSS: 0.66535
Exploits: 4, References: 7

OpenVAS
added 2025/11/24 12:0 a.m., 6 views

SUSE: Security Advisory (SUSE-SU-2025:4159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.6, AI score: 9.7, EPSS: 0.66535
Exploits: 4, References: 6

OpenVAS
added 2025/11/24 12:0 a.m., 8 views

openSUSE Security Advisory (SUSE-SU-2025:4159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.6, AI score: 9.7, EPSS: 0.66535
Exploits: 4, References: 6

Positive Technologies
added 2025/11/24 12:0 a.m., 5 views

PT-2025-47922

Name of the Vulnerable Software and Affected Versions Fluent Bit versions prior to 4.1.1 Description The out file plugin in Fluent Bit does not properly sanitize tag values when creating output file names. If the File option is not specified, the plugin utilizes tag input, which is considered...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00651
Exploits: 0, References: 18

CERT
added 2025/11/24 12:0 a.m., 8 views

Fluent Bit contains five vulnerabilities, including stack buffer overflow, auth bypass, and path traversal

Overview Fluent Bit is a logging and metrics processor and forwarder that is used in a variety of cloud and container networking environments. Several vulnerabilities in Fluent Bit have been discovered that could allow for authentication bypass, remote code execution RCE and denial of service DoS...

CVSS: 9.1, AI score: 8.8, EPSS: 0.00788
Exploits: 0, References: 2

Tenable Nessus
added 2025/11/22 12:0 a.m., 6 views

SUSE SLES15 / openSUSE 15 Security Update : tomcat (SUSE-SU-2025:4159-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4159-1 advisory. Update to Tomcat 9.0.111: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled...

CVSS: 9.6, AI score: 7, EPSS: 0.66535
Exploits: 4, References: 10

SUSE Linux
added 2025/11/21 2:32 p.m., 13 views

Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.111: CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753 CVE-2025-55754: Fixed improper neutralization of escape, meta, or control sequences vulnerability bsc1252905...

CVSS: 7.7, AI score: 6.8, EPSS: 0.66535
Exploits: 4, References: 12