796 matches found
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.178 contained a security vulnerability caused by a codec integer overflow, which could allow arbitrary read and write operations to be executed through specially crafted HTML pag...
CVE-2026-33897 Incus vulnerable to arbitrary file read and write through pongo templates
Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to...
CVE-2026-33329 FileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence Oracle
FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler UploadModel::handleUpload is concatenated directly into filesystem paths without any sanitization. An authenticated...
CVE-2026-28483
...
CVE-2026-23484 Blinko: Authenticated Arbitrary File Write - saveDevPlugin
Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the fileName parameter is not filtered, allowing path traversal to write files anywhere on the file system. Moreover, this interface only requires authProcedure normal user, not superAdminAuthMiddleware. At time o...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by excessive reading and writing operations related to WebGL. This vulnerability could lead to arbitrary reading and writing...
CVE-2026-22171 OpenClaw < 2026.2.19 - Path Traversal in Feishu Media Temporary File Naming
OpenClaw versions prior to 2026.2.19 contain a path traversal vulnerability in the Feishu media download flow where untrusted media keys are interpolated directly into temporary file paths in extensions/feishu/src/media.ts. An attacker who can control Feishu media key values returned to the clien...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
CVE-2026-32709 PX4 Autopilot MAVLink FTP Unauthenticated Path Traversal (Arbitrary File Read/Write/Delete)
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, An unauthenticated path traversal vulnerability in the PX4 Autopilot MAVLink FTP implementation allows any MAVLink peer to read, write, create, delete, and rename arbitrary files on the flight controller filesystem withou...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
CVE-2026-28793 Path Traversal Leading to Arbitrary File Read, Write and Delete in TinaCMS
Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server exposes media endpoints that are vulnerable to path traversal, allowing attackers to read and write arbitrary files on the filesystem outside the intended media directory. When running tinacms dev, th...
CVE-2026-30973 Zip Slip arbitrary file write in @appium/support ZIP extraction
Appium is an automation framework that provides WebDriver-based automation possibilities for a wide range platforms. Prior to 7.0.6, @appium/support contains a ZIP extraction implementation extractAllTo via ZipExtractor.extract with a path traversal Zip Slip check that is non-functional. The chec...
CVE-2025-41758
CVE-2025-41758 involves an arbitrary file write via the wwupload.cgi endpoint due to path traversal. A low-privileged remote attacker can overwrite arbitrary files on the device, enabling full system compromise. The connected CVE entries confirm the same description; no concrete mitigation or pat...
CVE-2026-28518
OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or...
CVE-2025-66678
An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...
PT-2026-22963
An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request...
GHSA-JXRQ-8FM4-9P58 OpenClaw: Zip extraction symlink traversal could write outside destination
Summary A path confinement bypass in OpenClaw ZIP extraction allowed writes outside the intended destination when a pre-existing symlink was present under the extraction root. Affected Packages / Versions - Package: openclaw npm - Latest published npm version at triage time: 2026.2.21-2 - Affecte...
CVE-2026-27884 NetExec vulnerable to arbitrary file write via path traversal in spider_plus module
NetExec is a network execution tool. Prior to version 1.5.1, the module spiderplus improperly creates the output file and folder path when saving files from SMB shares. It does not take into account that it is possible for Linux SMB shares to have path traversal characters such as ../ in them. An...
runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...