3918 matches found
CVE-2026-5366
CVE-2026-5366 affects Prefect v3.6.23, where the vulnerability resides in the GitRepository storage class. The commit_sha parameter passed to git commands lacks validation and does not use a -- separator, enabling an attacker to inject git flags (e.g., --upload-pack) and potentially execute arbit...
GHSA-48X2-6PR9-2JJF Network-AI: EnvironmentManager.restore() backup ID path traversal copies arbitrary directories into environment data
Summary EnvironmentManager.restoreenv, backupId computes the backup path with joinenvDir, '.backups', backupId and only checks that this path exists. It does not resolve the result or verify that it remains under data//.backups. A caller can pass a traversal backup ID such as...
CVE-2019-25747
Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...
CVE-2019-25747
Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...
Astra Linux – Vulnerability in pyxdg
A code injection issue was discovered in PyXDG before version 0.26, through crafted Python code within a Category element of a Menu XML document in a .menu file. The XDGCONFIGDIRS must be set up to trigger the xdg.Menu.parse parsing within the directory containing this file. This issue occurred d...
CVE-2026-56021
Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...
CVE-2026-56021
CVE-2026-56021 affects Webmin. An unauthenticated attacker can read contents of any .conf file in module directories because of a bypassable regex pattern, causing information disclosure (confidentiality impact: low). The CVSS metrics place it at Medium: CVSS v3.1 base score 5.3 (NETWORK, LOW com...
EUVD-2026-37908
Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...
CVE-2026-56021 Webmin information disclosure via regex pattern
Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...
CVE-2026-56021
Webmin allows unauthenticated attackers to read the contents of any file ending in .conf within module directories, due to a bypassable regex pattern...
PT-2026-50712
Name of the Vulnerable Software and Affected Versions Webmin affected versions not specified Description Unauthenticated attackers can read the contents of any file ending in .conf within module directories. This is caused by a bypassable regex pattern, which is a sequence of characters used to...
Open WebUI: Sibling-Prefix Path Traversal via /cache/{path}
Summary A path traversal vulnerability exists in open-webui's cache file serving endpoint that allows any authenticated user to read files from sibling directories outside the intended cache directory, by exploiting an incomplete startswith containment check that lacks a trailing path separator...
[SECURITY] Fedora 44 Update: ack-3.10.0-1.fc44
Ack is a grep-like search tool designed for use with large heterogeneous trees of source code. It searchs recursively and ignores common version control directories...
CVE-2026-54228
Vulnerability context (CVE-2026-54228) : A TOCTOU race in the abrt-dbus D-Bus service’s SetElement method allows a local user to write arbitrary text files into the root-owned dump directory between dump directory creation and post-create, bypassing package validation and causing crashes of unpac...
EUVD-2026-36407
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path Traversal vulnerability, allowing authenticated remote attackers to exploit this vulnerability to create directories in unintended system paths...
PT-2026-48842
The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a Path Traversal vulnerability, allowing authenticated remote attackers to exploit this vulnerability to create directories in unintended system paths...
VMware Spring Boot 安全漏洞
VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.6, 3.5.0 to 3.5.14, 3.4.0 to 3.4.16, 3.3.0 to 3.3.19, and 2.7.0 to 2.7.33 of VMware Spring Boot. These vulnerabilities stem from the use of fixed...
CVE-2026-46695
Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directo...
CVE-2026-46695 BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files
Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directo...
CVE-2026-46695 BoxLite: Permission Bypass in boxlite Allows Modification of Read-Only Files
Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite does not restrict the kernel capabilities available inside the container, malicious code can remount the directo...