
792 matches found

OSV
added 2026/03/23 8:31 p.m., 2 views

CVE-2026-23484 Blinko: Authenticated Arbitrary File Write - saveDevPlugin

Blinko is an AI-powered card note-taking project. In versions 1.8.3 and prior, the fileName parameter is not filtered, allowing path traversal to write files anywhere on the file system. Moreover, this interface only requires authProcedure (a normal user), not superAdminAuthMiddleware. At time o...

5.3 CVSS, 5.9 AI score, 0.00336 EPSS
Exploits 0, References 3
CNNVD
added 2026/03/20 12:00 a.m., 8 views

Google Chrome security vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by excessive reading and writing operations related to WebGL. This vulnerability could lead to arbitrary reading and writing...

8.8 CVSS, 6.1 AI score, 0.00324 EPSS
Exploits 0, References 3
OSV
added 2026/03/18 2:16 a.m., 5 views

CVE-2026-22171

OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the clien...

9.1 CVSS, 6 AI score
Exploits 0, References 5
RedHat Linux
added 2026/03/17 6:49 a.m., 2 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS, 5.7 AI score, 0.00526 EPSS
Exploits 1, References 6
OSV
added 2026/03/13 9:19 p.m., 5 views

CVE-2026-32709 PX4 Autopilot MAVLink FTP Unauthenticated Path Traversal (Arbitrary File Read/Write/Delete)

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, an unauthenticated path traversal vulnerability in the PX4 Autopilot MAVLink FTP implementation allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on the flight controller filesystem withou...

5.4 CVSS, 5.9 AI score, 0.00476 EPSS
Exploits 1, References 3
RedHat Linux
added 2026/03/12 8:57 p.m., 6 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS, 7.3 AI score, 0.00526 EPSS
Exploits 1, References 6
Vulnrichment
added 2026/03/12 4:50 p.m., 3 views

CVE-2026-28793 Path Traversal Leading to Arbitrary File Read, Write and Delete in TinaCMS

Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory. When running tinacms dev, th...

8.4 CVSS, 5.9 AI score, 0.00203 EPSS
Exploits 1, References 1
Cvelist
added 2026/03/10 5:33 p.m., 28 views

CVE-2026-30973 Zip Slip arbitrary file write in @appium/support ZIP extraction

Appium is an automation framework that provides WebDriver-based automation possibilities for a wide range of platforms. Prior to 7.0.6, @appium/support contains a ZIP extraction implementation extractAllTo via ZipExtractor.extract with a path traversal (Zip Slip) check that is non-functional. The chec...

6.5 CVSS, 0.00388 EPSS
Exploits 1, References 2
CVE
added 2026/03/09 8:16 a.m., 10 views

CVE-2025-41758

CVE-2025-41758 involves an arbitrary file write via the wwupload.cgi endpoint due to path traversal. A low-privileged remote attacker can overwrite arbitrary files on the device, enabling full system compromise. The connected CVE entries confirm the same description; no concrete mitigation or pat...

8.8 CVSS, 5.9 AI score, 0.00542 EPSS
Exploits 0, References 1, Affected Software 1
RedhatCVE
added 2026/03/04 7:44 p.m., 7 views

CVE-2026-28518

OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...

8.4 CVSS, 6 AI score, 0.00181 EPSS
Exploits 0, References 1
NVD
added 2026/03/04 5:16 p.m., 8 views

CVE-2025-66678

An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request...

9.8 CVSS, 0.00641 EPSS
Exploits 1, References 2
RedHat Linux
added 2026/03/04 9:07 a.m., 5 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS, 7.3 AI score, 0.00526 EPSS
Exploits 1, References 6
Positive Technologies
added 2026/03/04 12:00 a.m., 5 views

PT-2026-22963

An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request...

6.1 AI score, 0.00641 EPSS
Exploits 1, References 3
OSV
added 2026/03/03 11:09 p.m., 5 views

GHSA-JXRQ-8FM4-9P58 OpenClaw: Zip extraction symlink traversal could write outside destination

Summary: A path confinement bypass in OpenClaw ZIP extraction allowed writes outside the intended destination when a pre-existing symlink was present under the extraction root. Affected Packages / Versions: Package: openclaw npm; Latest published npm version at triage time: 2026.2.21-2; Affecte...

7.1 CVSS, 5.9 AI score
Exploits 0, References 3
Cvelist
added 2026/02/26 12:39 a.m., 26 views

CVE-2026-27884 NetExec vulnerable to arbitrary file write via path traversal in spider_plus module

NetExec is a network execution tool. Prior to version 1.5.1, the module spiderplus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account that it is possible for Linux SMB shares to have path traversal characters such as ../ in them. An...

5.3 CVSS, 0.00329 EPSS
Exploits 0, References 4
RedHat Linux
added 2026/02/25 2:43 p.m., 3 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS, 7.3 AI score, 0.00526 EPSS
Exploits 1, References 6
SUSE CVE
added 2026/02/21 12:23 a.m., 1 view

SUSE CVE-2026-26960

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

7.1 CVSS, 5.8 AI score, 0.00288 EPSS
Exploits 1, References 3
Cvelist
added 2026/02/20 1:07 a.m., 30 views

CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

7.1 CVSS, 0.00288 EPSS
Exploits 1, References 3
AlpineLinux
added 2026/02/20 1:07 a.m., 7 views

CVE-2026-26960

node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as the extracting use...

7.1 CVSS, 5.7 AI score, 0.00288 EPSS
Exploits 1, References 3
RedhatCVE
added 2026/02/18 1:41 a.m., 7 views

CVE-2025-59793

Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxis2Impl to authenticated users to be able to upload files. However, the application doesn't properly sanitize the jobDirectory parameter, which allows path traversal sequences to be included. This...

9.9 CVSS, 6 AI score, 0.01027 EPSS
Exploits 1, References 1