5225 matches found
CVE-2025-59352 Dragonfly allows arbitrary file read and write on a peer machine
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the gRPC API and HTTP APIs allow peers to send requests that force the recipient peer to create files in arbitrary file system locations, and to read arbitrary files. This allows peers to steal...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal due to improper validation of the X-Zone-Id header. An attacker can cause arbitrary files to be written outside the intended storage directory by supplying specially crafted path traversal sequences in the header...
esm.sh has arbitrary file write via path traversal in `X-Zone-Id` header
Summary A path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a filesystem path but is not properly canonicalized or restricted to the application’s...
GHSA-G2H5-CVVR-7GMW esm.sh has arbitrary file write via path traversal in `X-Zone-Id` header
Summary A path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a filesystem path but is not properly canonicalized or restricted to the application’s...
CVE-2025-59342
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
CVE-2025-59342 esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
CVE-2025-59342 esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
GO-2025-3926 Harness Allows Arbitrary File Write in Gitness LFS server in github.com/harness/gitness
Harness Allows Arbitrary File Write in Gitness LFS server in github.com/harness/gitness...
Samsung MagicINFO Server < 21.1052.0 Path Traversal
The version of Samsung MagicINFO Server installed on the remote Windows host is affected by a vulnerability. Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...
AIX/VIOS is vulnerable to arbitrary file write due to Kerberos (CVE-2025-36244)
IBM SECURITY ADVISORY First Issued: Tue Sep 16 08:16:52 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/nasadvisory4.asc Security Bulletin: AIX is vulnerable to arbitrary file write due to Kerberos CVE-2025-36244...
wishlist-member-vuln-analysis
📄 Overview This repository contains a detailed analysis of a...
CVE-2025-41714
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
SUSE CVE-2025-56760
When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server...
CVE-2025-41714
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
CVE-2025-41714 Path Traversal via 'Upload-Key' in SmartEMS Upload Handling
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
CVE-2025-41714
CVE-2025-41714 affects the Welotec SmartEMS Web Application (SmartEMS Upload Handling). The issue is in the upload endpoint where the Upload-Key header is not adequately validated, allowing path traversal sequences to cause upload-related artifacts to be created outside the intended storage locat...
Zip Slip
Overview monai is an AI Toolkit for Healthcare Imaging Affected versions of this package are vulnerable to Zip Slip via the use of zipfile.extractalloutputdir. An attacker can overwrite arbitrary files on the system by supplying a crafted zip archive containing files with path traversal sequences...
MONAI does not prevent path traversal, potentially leading to arbitrary file writes
Summary The extractall function zipfile.extractalloutputdir is used directly to process compressed files. It is used in many places in the project. When the Zip file containing malicious content is decompressed, it will overwrite the system files. In addition, the project allows the download of t...
APSB25-93 : Security update available for Adobe ColdFusion
Adobe has released security updates for ColdFusion versions 2025, 2023 and 2021. These updates resolve a critical vulnerability that could lead to arbitrary file system write...
GO-2025-3930 Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve
Soft Serve vulnerable to arbitrary file writing through SSH API in github.com/charmbracelet/soft-serve...