11 matches found

CVE
added 2026/04/29 11:35 a.m. | 20 views

CVE-2026-22745

The vulnerability is in the Spring Framework’s static resource resolution when serving file-system backed resources in Spring MVC/WebFlux apps on Windows. Affected component: org.springframework:spring-core. Under the conditions that the app uses Spring MVC or Spring WebFlux, serves static resour...

CVSS 5.3 | AI score 5.4 | EPSS 0.00067
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/01/27 8:8 p.m. | 5 views

CVE-2025-14988 Incorrect Permission Assignment for Critical Resource vulnerability in iba Systems ibaPDA

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system...

CVSS 10 | AI score 5.8 | EPSS 0.00079
Exploits 0 | References 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-17289

Malware in sbrugna...

CVSS 4.4 | AI score 4.8 | EPSS 0.00189
Exploits 0 | References 3
Talos
added 2025/04/14 12:0 a.m. | 5 views

Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...

CVSS 7.5 | AI score 8.4 | EPSS 0.00164
Exploits 0
OSV
added 2024/12/27 1:50 p.m. | 4 views

CVE-2024-53221 f2fs: fix null-ptr-deref in f2fs_submit_page_bio()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range 0x0000000000000020-0x0000000000000027 RIP:...

CVSS 5.5 | AI score 6.2 | EPSS 0.00014
Exploits 0 | References 7
ICS
added 2024/06/20 6:0 a.m. | 16 views

CAREL Boss-Mini

1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: CAREL Equipment: Boss-Mini Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

CVSS 9.8 | AI score 9.1 | EPSS 0.35215
Exploits 6 | References 10
Prion
added 2023/08/02 1:15 p.m. | 18 views

Input validation

Cacheservice did not correctly check if relative cache objects were pointing to the defined absolute location when accessing resources. An attacker with access to the database and a local or restricted network would be able to read arbitrary local file system resources that are accessible by the...

CVSS 1.7 | AI score 5.4 | EPSS 0.00043
Exploits 0 | References 4 | Affected Software 1
OSV
added 2021/04/29 6:15 p.m. | 1 views

CVE-2021-1489

A vulnerability in filesystem usage management for Cisco Firepower Device Manager (FDM) Software could allow an authenticated, remote attacker to exhaust filesystem resources, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to the insufficient...

CVSS 6.5 | AI score 6 | EPSS 0.00251
Exploits 0 | References 1
NVD
added 2018/05/02 1:29 p.m. | 13 views

CVE-2018-5520

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources...

CVSS 4.4 | AI score 4.9 | EPSS 0.00189
Exploits 0 | References 2
Prion
added 2018/05/02 1:29 p.m. | 21 views

Design/Logic Flaw

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in Appliance mode, the TMOS Shell (tmsh) may allow an administrative user to use the dig utility to gain unauthorized access to file system resources...

CVSS 3.5 | AI score 5 | EPSS 0.00189
Exploits 0 | References 2 | Affected Software 13
Cisco
added 2013/06/26 7:33 p.m. | 18 views

Cisco Prime for HCS Assurance Information Disclosure Vulnerability

A vulnerability in the web framework could allow an unauthenticated, remote attacker to access information about internal file system resources such as paths and names of files and directories. The vulnerability is due to insufficient security hardening of replies to crafted HTTP requests. An attacke...

CVSS 5 | AI score 0.6 | EPSS 0.0023
Exploits 0 | References 1