2037 matches found
EUVD-2022-52990
Malicious code in bioql PyPI...
EUVD-2022-52973
Malicious code in bioql PyPI...
EUVD-2022-53001
Malicious code in bioql PyPI...
EUVD-2022-53012
Malicious code in bioql PyPI...
EUVD-2024-54461
Malicious code in bioql PyPI...
EUVD-2022-53034
Malicious code in bioql PyPI...
EUVD-2025-22974
Malicious code in bioql PyPI...
EUVD-2022-53028
Malicious code in bioql PyPI...
EUVD-2022-52965
Malicious code in bioql PyPI...
EUVD-2025-4302
Malicious code in bioql PyPI...
EUVD-2025-28433
Malicious code in bioql PyPI...
EUVD-2022-53030
Malicious code in bioql PyPI...
EUVD-2022-52967
Malicious code in bioql PyPI...
A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
...
GHSA-CCC3-FVFX-MW3V MobSF Path Traversal in GET /download/<filename> using absolute filenames
Summary: The GET /download/ route uses string path verification via os.path.commonprefix, which allows an authenticated user to download files outside the DWDDIR download directory from "neighboring" directories whose absolute paths begin with the same prefix as DWDDIR, e.g., .../downloadsbak,...
CVE-2025-58162 MobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a Extraction
MobSF is a mobile application security testing tool. In version 4.4.0, an authenticated user who uploads a specially prepared one.a can write arbitrary files to any directory writable by the user of the MobSF process. This issue has been patched in version 4.4.1...
Linux Distros Unpatched Vulnerability : CVE-2018-11762
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline --extract-dir= and the input file has an...
Linux Distros Unpatched Vulnerability : CVE-2015-1192
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Absolute path traversal vulnerability in kgb 1.0b4 allows remote attackers to write to arbitrary files via a full pathname in a crafted archive. CVE-2015-1192...