7253 matches found
GHSA-G2H5-CVVR-7GMW esm.sh has arbitrary file write via path traversal in `X-Zone-Id` header
Summary A path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a filesystem path but is not properly canonicalized or restricted to the application’s...
CVE-2025-59342
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
CVE-2025-59342 esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
CVE-2025-59342 esm.sh writes arbitrary files via path traversal in `X-Zone-Id` header
esm.sh is a nobuild content delivery networkCDN for modern web development. In 136 and earlier, a path-traversal flaw in the handling of the X-Zone-Id HTTP header allows an attacker to cause the application to write files outside the intended storage location. The header value is used to build a...
GO-2025-3926 Harness Allows Arbitrary File Write in Gitness LFS server in github.com/harness/gitness
Harness Allows Arbitrary File Write in Gitness LFS server in github.com/harness/gitness...
Samsung MagicINFO Server < 21.1052.0 Path Traversal
The version of Samsung MagicINFO Server installed on the remote Windows host is affected by a vulnerability. Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority...
DragonFly vulnerable to arbitrary file read and write on a peer machine
A peer exposes the gRPC API and HTTP API for consumption by other peers. These APIs allow peers to send requests that force the recipient peer to create files in arbitrary file system locations, and to read arbitrary files. This allows peers to steal other peers’ secret data and to gain remote co...
CVE-2025-36244
CVE-2025-36244 : IBM AIX/VIOS Kerberos vulnerability allowing a local user to write to arbitrary files with root privileges due to improper initialization of critical variables. Affected: AIX 7.2, 7.3; VIOS 3.1, 4.1; vulnerable fileset: krb5.client.rte (1.16.1.0–1.16.1.7). CVSS base score 7.4 (HI...
AIX/VIOS is vulnerable to arbitrary file write due to Kerberos (CVE-2025-36244)
IBM SECURITY ADVISORY First Issued: Tue Sep 16 08:16:52 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/nasadvisory4.asc Security Bulletin: AIX is vulnerable to arbitrary file write due to Kerberos CVE-2025-36244...
wishlist-member-vuln-analysis
📄 Overview This repository contains a detailed analysis of a...
CVE-2025-41714
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
Cisco Desk/IP/Video Phone Multiple Vulnerabilities (cisco-sa-phone-write-g3kcC5Df)
According to its self-reported version, the remote Cisco Desk, IP or Video Phone running SIP Software is affected by multiple vulnerabilities that could allow an unauthenticated, remote attacker to conduct arbitrary file write and information disclosure attacks. To exploit these vulnerabilities,...
SUSE CVE-2025-56760
When Memos 0.22 is configured to store objects locally, an attacker can create a file via the CreateResource endpoint containing a path traversal sequence in the name, allowing arbitrary file write on the server...
[SECURITY] [DSA 5995-1] hsqldb1.8.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5995-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 10, 2025 https://www.debian.org/security/faq -...
CVE-2025-41714
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
CVE-2025-41714 Path Traversal via 'Upload-Key' in SmartEMS Upload Handling
The upload endpoint insufficiently validates the 'Upload-Key' request header. By supplying path traversal sequences, an authenticated attacker can cause the server to create upload-related artifacts outside the intended storage location. In certain configurations this enables arbitrary file write...
CVE-2025-41714
CVE-2025-41714 affects the Welotec SmartEMS Web Application (SmartEMS Upload Handling). The issue is in the upload endpoint where the Upload-Key header is not adequately validated, allowing path traversal sequences to cause upload-related artifacts to be created outside the intended storage locat...
Linux Distros Unpatched Vulnerability : CVE-2020-23171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash...
Linux Distros Unpatched Vulnerability : CVE-2022-25299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mghttpupload method may enable attackers to write...
ROS-20250910-01
A vulnerability in the GNU screen terminal multiplexer's logfilereopen function is related to the execution of an operation before privilege reset. Exploitation of the vulnerability could allow an attacker to write data to an arbitrary file with root privileges. data to an arbitrary file with roo...