988 matches found
Directory Traversal
Overview pipecat-ai is an An open source framework for voice and multimodal assistants Affected versions of this package are vulnerable to Directory Traversal via the downloadfile function in the GET /files/filename:path endpoint when the process is started with the --folder flag. An attacker can...
APM – Agent Package Manager 路径遍历漏洞
APM – Agent Package Manager is an AI-based dependency management tool open sourced by Microsoft. Versions of APM prior to 0.13.0 contained a path traversal vulnerability. This vulnerability stemmed from a Windows-specific archive extraction boundary failure. When using apm install with Python 3.1...
CVE-2026-44522
Vulnerability summary (CVE-2026-44522) Note Mark up to 0.19.3 allows authenticated users to upload assets with a crafted X-Name header containing directory traversal. The asset name is stored in the database without validation, and is later passed directly to filepath.Join()/path.Join() during ex...
CVE-2026-32175
A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in validatefilepath in viewcomponentssystemtestcontroller.rb, which is accessible via the system test entrypoint. An attacker with access to this endpoint, which is mounted in Rails.env.test?, can read files in a...
PT-2026-39297
Name of the Vulnerable Software and Affected Versions SharpCompress affected versions not specified Description A path traversal issue exists in the IArchive.WriteToDirectory method, specifically within the WriteToDirectoryInternal and WriteToDirectoryAsyncInternal functions. This allows a...
📄 Dash-Uploader 0.7.0a2 Path Traversal
There is an unauthenticated path traversal in dash-uploader versions 0.1.0 through 0.7.0a2 allowing arbitrary file write, leading to but not limited to remote code execution, application source code overwrite, stored cross site scripting, and persistent backdoor installation. CVE-2026-38360: Path...
Linux Distros Unpatched Vulnerability : CVE-2026-39817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The go tool pack subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a...
CVE-2026-39817
The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...
CVE-2026-39817
The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...
CVE-2026-39817
The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...
CVE-2026-39817
The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...
CVE-2026-39817 Invoking "go tool pack" does not sanitize output paths in cmd/go
The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...
USN-8256-1: opam vulnerability
Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass sandbox protections and write files to arbitrary locations, possibly leading to arbitrary code execution...
CVE-2026-41202
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.5.0, ci4ms Backup::restore extracts user uploaded ZIP archives without validating entry names, allowing an authenticated backend user...
Apache Wicket has a Path Traversal issue
FolderUploadsFileManager in Apache Wicket does not validate or sanitize the uploadFieldId parameter or the clientFileName before constructing file paths, allowing an unauthenticated attacker to write arbitrary files outside the intended upload directory or read files from arbitrary locations on t...
SUSE CVE-2026-44029
An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...
EUVD-2026-27014
PPTAgent: Arbitrary File Write + Directory Creation via markdowntabletoimage...
Eclipse BaSyx Java Server SDK vulnerable to Path Traversal
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. By supplying a maliciously crafted fileName parameter during a file upload operation, an...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the fileName parameter during a file upload operation. An attacker can bypass intended storage boundaries and write arbitrary files to any location on the host filesystem accessible by the Java process by supplyi...