CVE-2026-43624 F5-TTS 1.1.20 Path Traversal via finetune_gradio.py create_data_project()

F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-supplied project names directly to os.path.join without validating the resulting path stays within the...

CVE-2026-3524

Mattermost Plugin Legal Hold versions =1.1.4 fail to halt request processing after a failed authorization check in ServeHTTP which allows an authenticated attacker to access, create, download, and delete legal hold data via crafted API requests to the plugin's endpoints. Mattermost Advisory ID:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005700 advisory. In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata...

EUVD-2011-5258

Malware in sbrugna...

EUVD-2023-59867

Malicious code in bioql PyPI...

SUSE CVE-2023-53217

In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus results in a seg fault: grep -r . /proc/bus/nubus/e/ Data read fault...

Linux Distros Unpatched Vulnerability : CVE-2023-53217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus...

CVE-2023-53217

In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus results in a seg fault: grep -r . /proc/bus/nubus/e/ Data read fault...

CVE-2023-53217 nubus: Partially revert proc_create_single_data() conversion

In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus results in a seg fault: grep -r . /proc/bus/nubus/e/ Data read fault...

CVE-2025-52450

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Salesforce Tableau Server on Windows, Linux abdoc api - create-data-source-from-file-upload modules allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...

CVE-2025-52450

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Salesforce Tableau Server on Windows, Linux abdoc api - create-data-source-from-file-upload modules allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12,...

CVE-2011-10030

Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...

CVE-2011-10030 Foxit PDF Reader < 4.3.1.0218 JavaScript File Write

Foxit PDF Reader 4.3.1.0218 exposes a JavaScript API function, createDataObject, that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code...

CVE-2021-2267

Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Labor Distribution...

Oracle Trade Management Unauthorized Access Vulnerability

Oracle Trade Management is a trade management system from Oracle. It provides functions such as product categorization and allocation, import of purchase orders and letters of credit, and reconciliation of estimated and actual costs to improve trade efficiency and profitability. An unauthorized...