3164 matches found

RedhatCVE · added 2025/05/17 12:10 p.m. · 11 views

CVE-2025-4564

The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the...

CVSS 9.8 · AI score 8 · EPSS 0.03694 · Exploits 0 · References 1
Positive Technologies · added 2025/05/16 12:00 a.m. · 2 views

PT-2025-21651 · Qt Company · Qt

Name of the Vulnerable Software and Affected Versions: Qt versions prior to 5.15.19; Qt versions 6.0.0 through 6.5.8; Qt versions 6.6.0 through 6.8.1. Description: The issue arises from the use of the GetTempPath API, which can be exploited by attackers to manipulate temporary file paths, potentiall...

CVSS 7.3 · AI score 7.1 · EPSS 0.00162 · Exploits 0 · References 8
RedhatCVE · added 2025/05/15 5:14 p.m. · 7 views

CVE-2025-26684

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

CVSS 6.7 · AI score 6.5 · EPSS 0.00872 · Exploits 0 · References 3
Veracode · added 2025/05/15 12:57 p.m. · 7 views

External Control Of File Name Or Path

Microsoft.Build.Tasks.Core is vulnerable to External Control of File Name or Path. The vulnerability is due to improper validation of input that allows an authorized attacker to manipulate file paths over a network...

CVSS 8 · AI score 6.6 · EPSS 0.00101 · Exploits 0 · References 6 · Affected Software 3
Positive Technologies · added 2025/05/15 12:00 a.m. · 2 views

PT-2025-21276 · Esignal · Esignal

Name of the Vulnerable Software and Affected Versions: eSigna versions 1.0 through 1.5. Description: The issue is related to an Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component. This vulnerability allows an unauthenticated attacker to access arbitrary files in the...

CVSS 2 · AI score 6.6 · EPSS 0.00251 · Exploits 0 · References 5
Tenable Nessus · added 2025/05/14 12:00 a.m. · 12 views

Alibaba Cloud Linux 3 : 0241: container-tools:rhel8 (ALINUX3-SA-2024:0241)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0241 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-9341: A flaw was found in Go. Whe...

CVSS 8.2 · AI score 6.8 · EPSS 0.00899 · Exploits 0 · References 4
CVE · added 2025/05/13 4:58 p.m. · 65 views

CVE-2025-26684

CVE-2025-26684 is a Microsoft Defender Elevation of Privilege vulnerability in Defender for Endpoint where external control of a file name or path enables a locally authenticated attacker with high privileges to elevate to a higher privilege level. The CVSSv3.1 base score is 6.7 (Medium) with loc...

CVSS 6.7 · AI score 7.2 · EPSS 0.00872 · Exploits 0 · References 1 · Affected Software 1
Microsoft CVE · added 2025/05/13 7:00 a.m. · 7 views

.NET, Visual Studio, and Build Tools for Visual Studio Spoofing Vulnerability

External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network...

CVSS 8 · AI score 7.1 · EPSS 0.00101 · Exploits 0
OSV · added 2025/05/11 8:15 a.m. · 3 views

CVE-2025-4535

A vulnerability, which was classified as problematic, was found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 4.0. Affected is an unknown function of the file /config/config.properties of the component Configuration File Handler. The manipulation leads to information...

CVSS 6.9 · AI score 4.8 · Exploits 0 · References 4
CNNVD · added 2025/05/10 12:00 a.m. · 1 view

Yonyou Changjietong UFIDA CRM security vulnerability

Yonyou Changjietong UFIDA CRM is a customer relationship management system for small and medium-sized enterprises (SMEs) from China's Yonyou, integrating sales automation and marketing analytics. Yonyou Changjietong UFIDA CRM suffers from a SQL injection vulnerability that originates from the lack ...

CVSS 6.5 · AI score 8.2 · EPSS 0.00127 · Exploits 0 · References 2
RedhatCVE · added 2025/05/09 5:20 a.m. · 7 views

CVE-2025-44021

A flaw was found in Ironic. It did not filter file:// paths when used as an image source, except to ensure they were a file. This issue could cause config files from well-known paths to be written to disk on a node. Mitigation: Currently, no mitigation is available for this vulnerability...

CVSS 5.4 · AI score 6.5 · EPSS 0.00061 · Exploits 0 · References 3
OSV · added 2025/05/08 6:30 p.m. · 7 views

GHSA-Q3M2-CRGQ-5P3Q OpenStack Ironic fails to restrict paths used for file:// image URLs

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

CVSS 2.8 · AI score 6.8 · EPSS 0.00061 · Exploits 0 · References 7
PyPA · added 2025/05/08 5:16 p.m. · 6 views

PYSEC-2025-38

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

CVSS 2.8 · AI score 6.8 · EPSS 0.00061 · Exploits 0 · References 2 · Affected Software 1
OSV · added 2025/05/08 5:16 p.m. · 1 view

DEBIAN-CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

CVSS 2.8 · AI score 5.6 · EPSS 0.00061 · Exploits 0 · References 1
OSV · added 2025/05/08 5:16 p.m. · 0 views

UBUNTU-CVE-2025-44021

OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling if a deployment was performed via the API. A malicious project assigned as a node owner can provide a path to any local file readable by ironic-conductor, which may then be written to the target...

CVSS 2.8 · AI score 5.8 · EPSS 0.00061 · Exploits 0 · References 6
OSV · added 2025/05/07 7:13 p.m. · 2 views

RLSA-2024:2396 Moderate: squashfs-tools security update

SquashFS is a highly compressed read-only file system for Linux. These packages contain the utilities for manipulating squashfs file systems. Security Fixes: squashfs-tools: unvalidated filepaths allow writing outside of destination (CVE-2021-40153); squashfs-tools: possible Directory Traversal via...

CVSS 8.1 · AI score 8.6 · EPSS 0.03585 · Exploits 2 · References 3
RedhatCVE · added 2025/05/07 12:24 a.m. · 13 views

CVE-2025-27920

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access sensitive files outside the intended directory, potentially leading to configuration leakage or arbitrary file access...

CVSS 8.8 · AI score 6.9 · EPSS 0.50148 · Exploits 0 · References 1
CNVD · added 2025/05/07 12:00 a.m. · 1 view

Online Nurse Hiring System view-request.php File SQL Injection Vulnerability

Online Nurse Hiring System is an online nurse hiring system. Online Nurse Hiring System suffers from a SQL injection vulnerability that originates from the lack of validation of the viewid parameter in the file /admin/view-request.php against an externally-entered SQL statement. An attacker can u...

CVSS 8.8 · AI score 8.3 · EPSS 0.00197 · Exploits 1 · References 1
Snyk · added 2025/05/06 12:30 p.m. · 2 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path during schema parsing. Although loading untrusted classes is no longer vulnerable via this vector as of version 1.15.1, by default an attacker who can control a trusted class can execute arbitrary...

CVSS 8.1 · AI score 7.7 · EPSS 0.0038 · Exploits 0 · References 2
OSV · added 2025/05/06 1:15 a.m. · 1 view

CVE-2025-4303

A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. The attack ma...

CVSS 9.8 · AI score 5.8 · EPSS 0.00277 · Exploits 1 · References 5