7218 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2021-23520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the ZipFile::uncompressEntry function in...

9.8 CVSS · 7.7 AI score · 0.01094 EPSS
Exploits 1 · References 3

Tenable Nessus
added 2025/03/04 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2015-5701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this...

6.1 CVSS · 6.9 AI score · 0.00423 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-3202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to...

3.6 CVSS · 6.5 AI score · 0.01008 EPSS
Exploits 5 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-1196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file. CVE-2015-1196 Note that Nessus relies on the presence ...

4.3 CVSS · 6.6 AI score · 0.06096 EPSS
Exploits 1 · References 2

Snyk
added 2025/03/01 6:35 a.m. · 3 views

Directory Traversal

Overview mlrun is a Tracking and config of machine learning runs Affected versions of this package are vulnerable to Directory Traversal in the getlogsizelegacy function in api/crud/logs.py. This allows attackers to access locations on the filesystem outside the project directory. Details A...

6.9 CVSS · 7.6 AI score
Exploits 0 · References 3

Snyk
added 2025/03/01 6:34 a.m. · 1 views

Directory Traversal

Overview lilya is a Yet another ASGI toolkit that delivers Affected versions of this package are vulnerable to Directory Traversal in getpath function in staticfiles.py. Details A Directory Traversal attack also known as path traversal aims to access files and directories that are stored outside...

8.7 CVSS · 7.6 AI score
Exploits 0 · References 3

RedhatCVE
added 2025/03/01 12:28 a.m. · 11 views

CVE-2025-25761

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php...

7.2 CVSS · 7.4 AI score · 0.00391 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/02/28 9:2 p.m. · 6 views

CVE-2025-27413 PwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.json

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal ../ sequences. This is problematic for the template update functionality as it uses the path from the...

6.5 CVSS · 6.8 AI score · 0.01079 EPSS
Exploits 1 · References 6

Cvelist
added 2025/02/28 9:2 p.m. · 10 views

CVE-2025-27413 PwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.json

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal ../ sequences. This is problematic for the template update functionality as it uses the path from the...

6.5 CVSS · 0.01079 EPSS
Exploits 1 · References 6

Vulnrichment
added 2025/02/28 9:0 p.m. · 9 views

CVE-2025-27410 PwnDoc Arbitrary File Write to RCE using Path Traversal in backup restore as admin

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included .js file and restarting the...

6.5 CVSS · 7.2 AI score · 0.01819 EPSS
Exploits 1 · References 4

RedhatCVE
added 2025/02/27 9:1 p.m. · 9 views

CVE-2025-27142

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...

8.8 CVSS · 7.3 AI score · 0.00514 EPSS
Exploits 0 · References 1

OSV
added 2025/02/27 3:15 p.m. · 3 views

CVE-2025-25761

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php...

7.2 CVSS · 5.8 AI score · 0.00391 EPSS
Exploits 0 · References 1

NVD
added 2025/02/27 3:15 p.m. · 5 views

CVE-2025-25761

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php...

7.2 CVSS · 0.00391 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/02/27 12:0 a.m. · 5 views

CVE-2025-25761

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php...

7.1 AI score · 0.00391 EPSS
Exploits 0 · References 1

CVE
added 2025/02/27 12:0 a.m. · 48 views

CVE-2025-25761

CVE-2025-25761 affects HkCms v2.3.2.240702 with an arbitrary file write vulnerability in Appcenter.php. Public sources (NVD/Red Hat, CNNVD, PT-Security, CVE listing) confirm impact as high (C:H, I:H, A:H) with network exposure; exploit details are not provided in the documents. A remediation ment...

7.2 CVSS · 7.1 AI score · 0.00391 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2025/02/27 12:0 a.m. · 9 views

CVE-2025-25761

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php...

0.00391 EPSS
Exploits 0 · References 1

CNNVD
added 2025/02/27 12:0 a.m. · 4 views

HkCms Security Vulnerability

HkCms is a free and open source content management system from HkCms Open Source. A security vulnerability exists in HkCms version v2.3.2.240702, which originates from an arbitrary file write in the Appcenter.php component...

7.2 CVSS · 6.9 AI score · 0.00391 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/02/27 12:0 a.m. · 5 views

PT-2025-8946 · Hkcms · Hkcms

Name of the Vulnerable Software and Affected Versions: HkCms version 2.3.2.240702 Description: The issue is related to an arbitrary file write vulnerability in the Appcenter.php component. This vulnerability allows for the writing of files to arbitrary locations, potentially leading to security...

7.2 CVSS · 7.4 AI score · 0.00391 EPSS
Exploits 0 · References 4

Snyk
added 2025/02/26 8:9 p.m. · 2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to improper limitation of a pathname to a restricted directory in the asset upload functionality. An attacker can upload files to directories outside of the intended temporary directory by manipulating file paths...

5.4 CVSS · 7.8 AI score · 0.00536 EPSS
Exploits 0 · References 2

OSV
added 2025/02/26 7:1 a.m. · 4 views

AZL-60327 CVE-2022-49296 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ceph: fix possible deadlock when holding Fwb to get inlinedata 1, mount with wsync. 2, create a file with ORDWR, and the request was sent to mds.0: cephatomicopen-- cephmdscdorequestopenc finishopenfile, dentry, cephopen--...

5.5 CVSS · 5.8 AI score · 0.00156 EPSS
Exploits 0 · References 1