CVE-2026-41459

Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path of the application root. Attackers can send a GET request to the /setup page to access the exposed rootpath value...

Linux Distros Unpatched Vulnerability : CVE-2017-5644

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service CPU consumption via a specially crafted OOXML file, aka an XML...

Pyro Arbitrary File Overwrite Vulnerability

pyro is a distributed object technology system written in the Python language. An arbitrary file overwrite vulnerability exists in pyro versions prior to 3.15, which stems from a program that does not securely handle pid files in a temporary directory and opens the pid file as root. The...

CVE-2011-2765 Insecure temporary file handling

pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. An attacker can use this flaw to overwrite arbitrary files via symlinks...