6764 matches found
OpenPrinting CUPS 安全漏洞
OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Inc., suitable for Linux® and other Unix®-based operating systems. OpenPrinting CUPS versions 2.4.16 and earlier contain security vulnerabilities. These vulnerabilities stem from the ability of non-privileged local user...
UNIX Symbolic Link (Symlink) Following
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the tar upload process. An attacker can overwrite arbitrary files on the remote host by uploading a tar archive containing symlinks that are follow...
Security update for tar
This update for tar fixes the following issue: CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
CVE-2026-30287
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30289
An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
Atlassian Jira Service Management Data Center and Server 5.15.2 < 10.3.18 / 10.4.x < 11.3.3 (JSDSERVER-16528)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16528 advisory. - node-tar is a Tar for Node.js. The node-tar library = 7.5.2 fails to sanitize the linkpath of Link...
Time-of-check Time-of-use (TOCTOU) Race Condition
Overview onnx is an Open Neural Network Exchange Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition through the saveexternaldata function. An attacker can overwrite arbitrary files or inject data into sensitive locations by exploiting a race...
CVE-2026-33949
Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. T...
EUVD-2026-17889
An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
EUVD-2026-17893
An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1.0.34 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
EUVD-2026-17887
An arbitrary file overwrite vulnerability in Deep Thought Industries ACE Scanner PDF Scanner v1.4.5 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30292
An arbitrary file overwrite vulnerability in Docudepot PDF Reader: PDF Viewer APP v1.0.34 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30289
An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
SUSE-SU-2026:20959-1 Security update for tar
This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399...
SUSE-SU-2026:20955-1 Security update for tar
This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives bsc1246399...
CVE-2026-30282
An arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 allows attackers to overwrite critical internal files via the file import process, leading to arbtrary code execution or information exposure...
CVE-2026-30283
An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30284
An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30280
An arbitrary file overwrite vulnerability in RAREPROB SOLUTIONS PRIVATE LIMITED Video player Play All Videos v1.0.135 allows attackers to overwrite critical internal files via the file import process, leading to arbtrary code execution or information exposure...
CVE-2026-30278
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...