9 matches found
EUVD-2026-27534
Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...
SUSE-SU-2026:20084-1 Security update for tomcat
This update for tomcat fixes the following issues: - Update to Tomcat 9.0.111 - Security fixes: - CVE-2025-55752: directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753. - CVE-2025-55754: improper neutralization of Escape, Meta, or Control Sequences vulnerability in Apache...
EUVD-2004-1018
Malware in sbrugna...
ROS-20250819-12
Vulnerability of configuration management and remote Salt operations execution system is related to incorrect input data validation in the findfile method of the GitFS class. Exploitation of the vulnerability could allow an attacker to manipulate files and directories Vulnerability in the Salt...
CVE-2024-47049
The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 used with PHP Composer does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files...
Linux Distros Unpatched Vulnerability : CVE-2020-27304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload...
Azure Linux 3.0 Security Update: golang / msft-golang (CVE-2022-41722)
The version of golang / msft-golang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-41722 advisory. - A path traversal vulnerability exists in filepath.Clean on Windows. On Windows, the...
Updated python-django packages fix security vulnerabilities
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets. CVE-2024-38875 An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. T...
PT-2004-3379 · Nexgen · Nexgen Ftp Server
Name of the Vulnerable Software and Affected Versions: Nexgen FTP Server versions prior to 2.2.3.23 Description: The issue allows remote authenticated users to read or list arbitrary files via specific sequences in various FTP commands, including RETR get, NLST ls, LIST ls, RNFR, or RNTO. These...