66 matches found
DEBIAN-CVE-2026-54055
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
UBUNTU-CVE-2026-54055
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
CVE-2026-54055 Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
CVE-2026-54055 Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
EUVD-2026-36556
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
CVE-2026-54055
Kitty (cross‑platform GPU terminal) contains a local privilege escalation vulnerability in its file transmission protocol prior to 0.47.2. A TOCTOU race between symlink validation and file creation allows a child process in the terminal to cause an attack to write to arbitrary files because os.op...
CVE-2026-54055
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.2, a local privilege escalation vulnerability exists in kitty's file transmission protocol where a child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
PT-2026-48969
Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.2 Description A local privilege escalation exists in the file transmission protocol. A child process running in the terminal can write to arbitrary files on the filesystem by exploiting a TOCTOU...
CVE-2026-46818
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Payments. Successful...
CVE-2026-46817
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful...
CVE-2026-46818
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Payments. Successful...
CVE-2026-46817
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful...
CVE-2026-46818
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Payments. Successful...
EUVD-2026-33041
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Payments. Successful...
CVE-2026-46817
Vulnerability in the Oracle Payments product of Oracle E-Business Suite component: File Transmission. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful...
Oracle Payments 安全漏洞
Oracle Payments is a corporate payment processing and fund management platform owned by Oracle Corporation in the United States. Vulnerabilities exist in versions 12.2.3 to 12.2.15 of Oracle Payments, stemming from issues with the File Transmission component. These vulnerabilities could allow...
Oracle Payments 安全漏洞
Oracle Payments is a corporate payment processing and funding management platform owned by Oracle Corporation in the United States. Vulnerabilities exist in versions 12.2.3 to 12.2.15 of Oracle Payments, stemming from issues with the File Transmission component. These vulnerabilities could allow...
PT-2026-44514
Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Payments versions 12.2.3 through 12.2.15 Description An issue exists in the File Transmission component of Oracle Payments. An unauthenticated attacker with network access via HTTPS can compromise the system...
CVE-2018-18980
An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...
EUVD-2004-2411
Malware in sbrugna...