7263 matches found
CVE-2025-11539
Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...
CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin
Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...
CVE-2025-61913 Flowise is vulnerable to arbitrary file read, arbitrary file write
Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any...
CVE-2025-61913 Flowise is vulnerable to arbitrary file read, arbitrary file write
Flowise is a drag & drop user interface to build a customized large language model flow. In versions prior to 3.0.8, WriteFileTool and ReadFileTool in Flowise do not restrict file path access, allowing authenticated attackers to exploit this vulnerability to read and write arbitrary files to any...
CVE-2025-61913
Summary: Flowise contains directory-traversal vulnerabilities via its ReadFileTool and WriteFileTool (and related components) that allow an authenticated attacker to read or write arbitrary files on the server, potentially enabling remote command execution. The root cause is lack of validation of...
Security Bulletin: AIX/VIOS is vulnerable to arbitrary file write due to Kerberos (CVE-2025-36244)
Summary Vulnerability in AIX's Kerberos could allow a non-privileged local user to write to arbitrary files CVE-2025-36244 Vulnerability Details CVEID:CVE-2025-36244 DESCRIPTION: IBM AIX, when configured to use Kerberos network authentication, could allow a local user to write to files on the...
CVE-2025-62187
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...
CVE-2025-62187
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...
Exploit for CVE-2025-7401
CVE-2025-7401 Premium Age Verification / Restriction for WordP...
EUVD-2020-1238
Malware in sbrugna...
EUVD-2014-9268
Malware in sbrugna...
EUVD-2021-12757
Malware in sbrugna...
EUVD-2015-8574
Malware in sbrugna...
EUVD-2019-14915
Malware in sbrugna...
EUVD-2014-5228
Malware in sbrugna...
EUVD-2013-0199
Malware in sbrugna...
EUVD-2019-0798
Malware in sbrugna...
EUVD-2014-9107
Malware in sbrugna...
EUVD-2014-5346
Malware in sbrugna...
EUVD-2013-0042
Malware in sbrugna...