Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via improper sanitization of the upload path in the upload process. An attacker can write arbitrary files to any location on the file system, potentially compromising the server, by sending a crafted upload request...

CVE-2025-58158

Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation ...

CVE-2025-58158 Harness Affected by Arbitrary File Write in Gitness LFS server

Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation ...

CVE-2025-58158

CVE-2025-58158 affects Harness Open Source Gitness (git LFS server). Prior to version 3.3.0, the upload git LFS file API allowed arbitrary file writes due to improper sanitization of the upload path, enabling a malicious authenticated user with access to the Harness Gitness API to write files any...

Harness Allows Arbitrary File Write in Gitness LFS server

Impact Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary file write. Due to improper sanitization for upload path, a malicious authenticated user who has access to Harness Gitness...

GHSA-W469-HJ2F-JPR5 Harness Allows Arbitrary File Write in Gitness LFS server

Impact Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary file write. Due to improper sanitization for upload path, a malicious authenticated user who has access to Harness Gitness...

PT-2025-35297

Name of the Vulnerable Software and Affected Versions Harness Open Source versions prior to 3.3.0 Description Harness Open Source’s git Large File Storage LFS server Gitness exposes APIs for retrieving and uploading files via git LFS. The implementation of the upload git LFS file API is susceptib...

Pretalx Arbitrary File Read/Limited File Write

This module exploits functionality in Pretalx that export conference schedule as zipped file. The Pretalx will iteratively include any file referenced by any HTML tag and does not properly check the path of the file, which can lead to arbitrary file read. The module requires credentials that allo...

Metasploit Weekly Wrap-Up 08/28/2025

New module content 2 Pretalx Arbitrary File Read/Limited File Write Authors: Stefan Schiller and msutovsky-r7 Type: Auxiliary and Exploit Pull request: 20480 contributed by msutovsky-r7 Path: auxiliary/scanner/http/pretalxfilereadcve202328459 and exploit/linux/http/pretalxrcecve202328458 Attacker...

Arbitrary File Write

tmp is vulnerable to arbitrary file/directory write. The vulnerability is due to improper handling of the dir parameter when creating temporary files/directories via symbolic link, which allows an attacker to create symbolic links and overwrite arbitrary files...

TencentOS Server 4: git (TSSA-2025:0605)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0605 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

📄 Pretalx Limited File Write / Remote Code Execution

This Metasploit module exploits CVE-2023-28458, a limited file write in Pretalx, up to version 2.3.1. The module will use the vulnerability to write a malicious site-specific configuration hook for Python. Once hook is written, payload will be executed every time Pretalx user runs any Python code...

Linux Distros Unpatched Vulnerability : CVE-2022-1537

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - file.copy operations in GruntJS are vulnerable to a TOCTOU race condition leading to arbitrary file write in GitHub repository gruntjs/grunt prior to 1.5.3. Thi...

Linux Distros Unpatched Vulnerability : CVE-2019-10185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could us...

Linux Distros Unpatched Vulnerability : CVE-2021-31800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and...

Linux Distros Unpatched Vulnerability : CVE-2019-10751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied...

Linux Distros Unpatched Vulnerability : CVE-2021-32840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of...

CVE-2025-57773 Dataease DB2 Aspectweaver Deserialization Arbitrary File Write Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability...

CVE-2025-57773 Dataease DB2 Aspectweaver Deserialization Arbitrary File Write Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2016-7569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. dot dot in the embedded layer data in...