MAL-2026-4789 Malicious code in ggk-happy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a22c29c3d374a49fdb69fb941f2fb81e42b69006b8ed154eba8d365c755b245 ggk-happy presents itself as the slopus/happy CLI Mobile/Web client for Claude Code — author metadata, homepage happy.engineering, and repository...

HP LaserJet Printers Path Traversal (CVE-2012-5221)

Directory traversal vulnerability in the PostScript Interpreter, as used on the HP LaserJet 4xxx, 5200, 90xx, M30xx, M4345, M50xx, M90xx, P3005, and P4xxx; LaserJet Enterprise P3015; Color LaserJet 3xxx, 47xx, 5550, 9500, CM60xx, CP35xx, CP4005, and CP6015; Color LaserJet Enterprise CP4xxx; and...

PT-2026-43253

OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting interface at /admin/Scripting that allows authenticated administrators to read arbitrary files by supplying an attacker-controlled filesystem path through the fsPath parameter with action=Load. Attackers c...

Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce

CosmicSting CVE-2024-34102 Exploit Suite Complete exploit s...

EUVD-2018-21885

PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use path traversal sequences ../../../../../../../../../../../../etc/passwd to access sensitive system...

Exploit for CVE-2026-42945

CVE-2026-42945-Nginx-RCE-bypass-ASLR CVE-202...

CVE-2026-7766 Path Traversal in Kenik cameras

Kenik Camera management Panel is vulnerable to Path Traversal vulnerability. An unauthenticated attacker can send GET request with arbitrary file path and read corresponding files located on the server. The issue was fixed in version 2026-04-23 of the KG-5260xxxx-IL-G2 cameras. Rest of the produc...

Exploit for Infinite Loop in Dbgpt Db-Gpt

POCCVE-2024-36420 Local reproduction lab and nuclei template...

PCViewer 路径遍历漏洞

PCViewer is a folder manager from PCViewer, Inc. A path traversal vulnerability exists in PCViewer version vt1000, which stems from directory traversal and could allow an unauthenticated attacker to read arbitrary files by submitting a sequence of relative paths via a GET request...

RockyLinux 8 : kernel (RLSA-2026:19666)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19666 advisory. kernel: Fragnesia is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in the Linux kernel...

RLSA-2026:19664 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation LPE vulnerability in th...

CVE-2025-45145

Directory traversal in Follett Software's Destiny Library Manager 2202rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...

PT-2026-42770

Directory traversal in Follett Software's Destiny Library Manager 22 0 2 rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...

CVE-2025-45145

Directory traversal in Follett Software's Destiny Library Manager 2202rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitrary system and application files via the image parameter...

RHEL 10 : kernel (RHSA-2026:20299)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20299 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Fragnesia is a variant of...

Unity Linux 20.1070e Security Update: mojarra (UTSA-2026-016756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016756 advisory. Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Tenable has extracted the...

RHEL 9 : kernel (RHSA-2026:20129)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20129 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Fragnesia is a variant of Dir...

GHSA-C5FP-P67M-GQ56 Snappy : SSRF and local file read via the xsl-style-sheet option

Impact It impacts applications where: - the PHP daemon run with root permissions ; - the application is either running outside a container or has sensitive file access ; It could happens with this kind of workflows: php $stylesheet = $GET'stylesheet'; // = ‘file:///etc/passwd’ $pdf = new...

Snappy : SSRF and local file read via the xsl-style-sheet option

Impact It impacts applications where: - the PHP daemon run with root permissions ; - the application is either running outside a container or has sensitive file access ; It could happens with this kind of workflows: php $stylesheet = $GET'stylesheet'; // = ‘file:///etc/passwd’ $pdf = new...

EUVD-2026-31335

Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include arbitrary readable file...