705 matches found
CVE-2025-6704
An arbitrary file writing vulnerability in the Secure PDF eXchange SPX feature of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability HA mode...
CVE-2025-6704
An arbitrary file writing vulnerability in the Secure PDF eXchange SPX feature of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability HA mode...
CVE-2025-6704
An arbitrary file writing vulnerability in the Secure PDF eXchange SPX feature of Sophos Firewall versions older than 21.0 MR2 21.0.2 can lead to pre-auth remote code execution, if a specific configuration of SPX is enabled in combination with the firewall running in High Availability HA mode...
CVE-2025-6704
CVE-2025-6704 is an arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall . The pre-auth remote code execution condition requires a specific SPX configuration enabled in combination with the firewall running in High Availability (HA) mode. Multiple sourc...
PT-2025-30271 · Sophos · Sophos Firewall
Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 21.0 MR2 21.0.2 Description: An arbitrary file writing vulnerability exists in the Secure PDF eXchange SPX feature. This can lead to pre-authentication remote code execution when SPX is enabled with a specifi...
CVE-2025-40737
A vulnerability has been identified in SINEC NMS All versions V4.0. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privilege...
CVE-2025-40738
A vulnerability has been identified in SINEC NMS All versions V4.0. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privilege...
CVE-2025-40738
A vulnerability has been identified in SINEC NMS All versions V4.0. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privilege...
CVE-2025-40737
A vulnerability has been identified in SINEC NMS All versions V4.0. The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an attacker to write arbitrary files to restricted locations and potentially execute code with elevated privilege...
GHSA-GJ54-GWJ9-X2C6 eKuiper /config/uploads API arbitrary file writing may lead to RCE
Summary eKuiper /config/uploads API supports accessing remote web URLs and saving files in the local upload directory, but there are no security restrictions, resulting in arbitrary file writing through ../. If run with root privileges, RCE can be achieved by writing crontab files or ssh keys...
eKuiper /config/uploads API arbitrary file writing may lead to RCE
Summary eKuiper /config/uploads API supports accessing remote web URLs and saving files in the local upload directory, but there are no security restrictions, resulting in arbitrary file writing through ../. If run with root privileges, RCE can be achieved by writing crontab files or ssh keys...
PT-2025-29376 · Go · Github.Com/Lf-Edge/Ekuiper +1
Summary eKuiper /config/uploads API supports accessing remote web URLs and saving files in the local upload directory, but there are no security restrictions, resulting in arbitrary file writing through ../. If run with root privileges, RCE can be achieved by writing crontab files or ssh keys...
PT-2025-27024 · Don Ho · Notepad++
Уязвимость установщика текстового редактора Notepad++ связана с недостатками разграничения доступа в результате неконтролируемого элемента пути поиска. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии и записывать произвольные файлы...
TencentOS Server 2: sudo (TSSA-2023:0133)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0133 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CVE-2024-38824
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
CVE-2024-38824
CVE-2024-38824 is a directory traversal vulnerability in the recv_file method that allows writing arbitrary files into the Salt master cache directory. Public references in multiple advisories (SUSE openSUSE/SUSE-SU-2025-02501/-02492/-02476, SUSE-2025-02492, -02500, -02502) confirm the flaw affec...
NewStart CGSL MAIN 7.02 (SP) : git Vulnerability (NS-SA-2025-0010)
The remote NewStart CGSL host, running version MAIN 7.02 SP, has git packages installed that are affected by a vulnerability: - Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that...
CVE-2024-57189
In Erxes 1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler...
GHSA-2977-5PHP-6789 Erxes Path Traversal vulnerability
In Erxes 1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler...
CVE-2024-57189
In Erxes 1.6.2, an authenticated attacker can write to arbitrary files on the system using a Path Traversal vulnerability in the importHistoriesCreate GraphQL mutation handler...