Lucene search

3153 matches found

OSV
added 2026/01/28 7:7 p.m. | 2 views

GO-2026-4339 Arbitrary file write using cgo pkg-config directive in cmd/go

Building a malicious file with cmd/go can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

CVSS 7.8 | AI score 5.9 | EPSS 0.00012
Exploits: 0 | References: 3
NVD
added 2026/01/28 6:16 p.m. | 2 views

CVE-2020-36963

Intelbras Router RF 301K firmware version 1.1.2 contains an authentication bypass vulnerability that allows unauthenticated attackers to download router configuration files. Attackers can send a specific HTTP GET request to /cgi-bin/DownloadCfg/RouterCfm.cfg to retrieve sensitive router...

CVSS 8.7 | EPSS 0.00362
Exploits: 0 | References: 3
OSV
added 2026/01/28 4:16 p.m. | 1 view

CVE-2025-61140

The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 2
EUVD
added 2026/01/28 12:29 p.m. | 2 views

EUVD-2020-30896

PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters. Attackers can craft malicious URLs or rename files with XSS payloads to execute arbitrary...

CVSS 5.4 | AI score 6 | EPSS 0.00016
Exploits: 0 | References: 3
Ubuntu
added 2026/01/26 6:47 p.m. | 5 views

USN-7978-1: GNU Screen vulnerabilities

It was discovered that GNU Screen incorrectly handled signals when setuid or setgid privileges were being used, which is not the default in Ubuntu. A local attacker could use this issue to send privileged signals, possibly leading to a denial of service. This issue only affected Ubuntu 22.04 LTS...

CVSS 6.5 | AI score 6.2 | EPSS 0.00074
Exploits: 3
OSV
added 2026/01/22 4:16 p.m. | 0 views

CVE-2025-69612

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

CVSS 6.5 | AI score 5.9 | EPSS 0.00111
Exploits: 1 | References: 3
Cvelist
added 2026/01/22 12:0 a.m. | 14 views

CVE-2025-69612

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

EPSS 0.00111
Exploits: 1 | References: 3
CNNVD
added 2026/01/22 12:0 a.m. | 1 view

TMS Management Console security vulnerabilities

TMS Management Console is a management console software developed by the American company TMS. Version 6.3.7.27386.20250818 of TMS Management Console contains a security vulnerability. This vulnerability stems from the Download Template function in the profile dashboard, which does not properly...

CVSS 6.5 | AI score 5.9 | EPSS 0.00111
Exploits: 1 | References: 4
Positive Technologies
added 2026/01/22 12:0 a.m. | 5 views

PT-2026-3947

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

CVSS 6.5 | AI score 5.7 | EPSS 0.00111
Exploits: 1 | References: 4
CVE
added 2026/01/21 5:27 p.m. | 6 views

CVE-2021-47849

CVE-2021-47849 affects Mini Mouse 9.3.0 via a local file inclusion/path traversal vulnerability in the device-info endpoint. The root cause is improper handling of file path parameters, enabling an attacker to enumerate sensitive system directories (e.g., /usr, /etc, /var) by manipulating the fil...

CVSS 8.7 | AI score 5.5 | EPSS 0.00047
Exploits: 1 | References: 3 | Affected Software: 1
Talos
added 2026/01/20 12:0 a.m. | 6 views

MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability

Talos Vulnerability Report TALOS-2025-2273: MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability. January 20, 2026. CVE Number: CVE-2025-53912. Summary: An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially...

CVSS 9.6 | AI score 6.1 | EPSS 0.00286
Exploits: 1
Positive Technologies
added 2026/01/19 12:0 a.m. | 2 views

PT-2026-3421

Name of the Vulnerable Software and Affected Versions: itsourcecode Society Management System version 1.0. Description: A cross site scripting issue exists in itsourcecode Society Management System 1.0. The issue is related to the manipulation of the detail argument in the file '/admin/expenses.php'...

CVSS 6.1 | AI score 4.2 | EPSS 0.00021
Exploits: 1 | References: 8
CNNVD
added 2026/01/19 12:0 a.m. | 1 view

TOTOLINK LR350 security vulnerabilities

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “ssid” in the file /cgi-bin/cstecgi.cgi, which may lead to a buffer overflow...

CVSS 9 | AI score 7.7 | EPSS 0.00211
Exploits: 1 | References: 5
Positive Technologies
added 2026/01/19 12:0 a.m. | 3 views

PT-2026-3429

A vulnerability has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /php/api register patient.php. Such manipulation of the argument firstName/lastName leads to cross site scripting. The...

CVSS 5.1 | AI score 3.7 | EPSS 0.00044
Exploits: 0 | References: 4
EUVD
added 2026/01/17 6:32 p.m. | 2 views

EUVD-2026-3132

A security vulnerability has been detected in FeMiner wms up to 9cad1f1b179a98b9547fd003c23b07c7594775fa. Affected by this vulnerability is an unknown functionality of the file /src/chkuser.php. The manipulation of the argument Username leads to sql injection. The attack is possible to be carried...

CVSS 7.5 | AI score 6.3 | EPSS 0.00015
Exploits: 1 | References: 5
Snyk
added 2026/01/16 5:51 p.m. | 1 view

External Control of File Name or Path

Overview: Affected versions of this package are vulnerable to External Control of File Name or Path via the processing of externally-supplied credential configuration files. An attacker can access arbitrary files or perform server-side request forgery by providing a crafted configuration with...

CVSS 8.3 | AI score 5.7 | EPSS 0.00036
Exploits: 0 | References: 2
NVD
added 2026/01/14 11:15 a.m. | 3 views

CVE-2026-0532

External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...

CVSS 8.6 | EPSS 0.00054
Exploits: 1 | References: 1
Snyk
added 2026/01/14 10:49 a.m. | 2 views

External Control of File Name or Path

Overview: kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to External Control of File Name or Path via the processing of JSON credentials in the Google Gemini connector configuration. An...

CVSS 8.6 | AI score 6.9 | EPSS 0.00054
Exploits: 1 | References: 3
ATTACKERKB
added 2026/01/14 10:14 a.m. | 3 views

CVE-2026-0532

External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...

CVSS 8.6 | AI score 5.8 | EPSS 0.00054
Exploits: 1 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/01/14 12:0 a.m. | 2 views

PT-2026-2849

Name of the Vulnerable Software and Affected Versions: Kibana versions prior to 8.19.10; Kibana versions prior to 9.1.10; Kibana versions prior to 9.2.4. Description: An issue exists in Kibana where External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allo...

CVSS 8.6 | AI score 6.3 | EPSS 0.00054
Exploits: 1 | References: 12