61 matches found
EUVD-2026-29821
A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device...
CVE-2026-2331
An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...
SICK TDC-X401GL has security vulnerabilities
The SICK TDC-X401GL is an edge computing gateway from the German company SICK. The SICK TDC-X401GL has a security vulnerability. This vulnerability arises from the possibility for low-privilege attackers to read files from specific directories on the device, potentially leading to the exposure of...
CVE-2023-40708
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files...
Directory Traversal
Mammoth is vulnerable to Directory Traversal. The vulnerability is due to the lack of path or file type validation when processing DOCX files with externally linked images, which allows an attacker to read arbitrary files on the system or trigger excessive resource consumption by referencing...
EUVD-2025-20398
Malicious code in bioql PyPI...
USN-7723-1 udisks2 vulnerability
Michael Imfeld discovered that UDisks did not check the validity of input data correctly when handling files for loop devices. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
GHSA-9H84-QMV7-982P Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
A Helm contributor discovered that it was possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. Impact: A malicious chart can point $ref in values.schema.json to a device (e.g. /dev/) or other problem file which...
Ensure That Removable Device Partitions Are Mounted Using noexec and nodev
The security of removable devices cannot be completely ensured because of many factors, such as their source, usage, and transportation process. In this sense, removable devices are the main host for viruses. Therefore, removable devices must be mounted using noexec and nodev to improve security an...
PT-2025-3989 · Western Telematic · Western Telematic
Name of the Vulnerable Software and Affected Versions: Western Telematic WTI products (affected versions not specified). Description: The issue concerns a local file inclusion (LFI) attack in the web interface of Western Telematic products. Any authenticated user has privileged access to files on the...
kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query
A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmw_cmd_dx_define_query. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...
CVE-2024-1303
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c
An integer overflow was found in the Linux kernel's vmwgfx driver. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, and able to issue an ioctl on the resulting file descriptor to crash the system, causing a denial of service...
CVE-2023-40708 Improper Access Control in OPTO 22 SNAP PAC S1
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files...
PT-2023-27606 · Opto 22 · Snap Pac S1 Firmware
Name of the Vulnerable Software and Affected Versions: SNAP PAC S1 Firmware version R10.3b. Description: The File Transfer Protocol (FTP) port is open by default, which could allow an adversary to access some device files. Recommendations: For SNAP PAC S1 Firmware version R10.3b, consider disabling...
OPTO 22 SNAP PAC S1 Security Vulnerability
The OPTO 22 SNAP PAC S1 is a controller from OPTO 22 USA. A security vulnerability exists in the OPTO 22 SNAP PAC S1 R10.3b firmware version that stems from the File Transfer Protocol (FTP) port being open by default, allowing an attacker to access certain device files...
PHOENIX CONTACT WP 6xxx series web panels Security Vulnerability
PHOENIX CONTACT WP 6xxx series web panels are a series of web panels from PHOENIX CONTACT. A security vulnerability exists in PHOENIX CONTACT WP 6xxx series web panels prior to version 4.0.10, where a remote attacker with low privileges can gain limited read access to the devi...
SUSE CVE-2013-1766
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors...
CVE-2022-41720
A flaw was found in OS, net/http golang library. In Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted in a given directory. These functions permit access to Windows device files under that root. Fo...