CVE-2017-18384

cPanel before 68.0.15 allows jailed accounts to restore files that are outside of the jail SEC-310...

Veeam Agent for Microsoft Windows 安全漏洞

Veeam Agent for Microsoft Windows is a data protection and disaster recovery solution for physical and virtual machines from Veeam USA. A security vulnerability exists in Veeam Agent for Microsoft Windows that originates when a system administrator restores a malicious file, which could result in...

Files with Microsoft Purview Sensitivity Labels Are Not Accessible After Being Restored

Challenge After restoring a file that was encrypted with a Microsoft Purview Sensitivity Label, attempting to open it results in an error similar to: Word was unable to read this document. It may be corrupt. Try one or more of the following: Open and Repair the file. Open the file with the Text...

EUVD-2018-13429

Malware in sbrugna...

EUVD-2018-13422

Malware in sbrugna...

EUVD-2017-9500

Malware in sbrugna...

EUVD-2020-29014

Malware in sbrugna...

EUVD-2025-12355

Malicious code in bioql PyPI...

postgresql: PostgreSQL executes arbitrary code in restore operation

A flaw was found in PostgreSQL. This vulnerability allows a malicious user of the PostgreSQL server to inject arbitrary code in dump files created by pgdump, pgdumpall, pgrestore, and pgupgrade, causing arbitrary code execution on the client machine or SQL injection when these dump files are...

CVE-2018-20891

cPanel before 74.0.0 allows arbitrary file-read operations during File Restoration SEC-436...

CVE-2018-20884

cPanel before 74.0.0 allows stored XSS in the WHM File Restoration interface SEC-367...

CVE-2024-57394

The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities...

openSUSE Security Advisory (openSUSE-SU-2025:0110-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-43440

CVE-2024-43440 is mapped to an OSV entry: Moodle has an LFI vulnerability in the process of restoring malformed block backups. The issue is described as a local-file inclusion flaw in Moodle's backup/restore path, leading to potential exposure of local files (confidentiality impact). The connecte...

CVE-2024-39865

The CVE-2024-39865 issue affects Siemens SINEMA Remote Connect Server: all versions prior to V3.2 SP1 are vulnerable to an Unrestricted Upload of a File with a Dangerous Type through the backup file upload feature. The backup process allows restoration without proper path validation, enabling an ...

CVE-2024-39118

Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up...

CVE-2024-37315

Nextcloud Server is a self hosted personal cloud system. An attacker with read-only access to a file is able to restore older versions of a document when the filesversions app is enabled. It is recommended that the Nextcloud Server is upgraded to 26.0.12, 27.1.7 or 28.0.3 and that the Nextcloud...

CVE-2022-40314

A remote code execution risk when restoring backup files originating from Moodle 1.9 was identified...

CVE-2022-40314

CVE-2022-40314 describes a remote code execution risk when restoring backup files originating from Moodle 1.9. The vulnerability is reported with a high/critical impact (CVSS: 9.8, NETWORK attack vector, no user interaction) and is supported by multiple connected sources (NVD entry and Nessus/Ope...

U.S. Dept Of Defense: CVE-2020-3187 - Unauthenticated Arbitrary File Deletion

A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted...