8761 matches found
CVE-2026-9455
A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...
EUVD-2026-31677
A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possible...
CVE-2026-9455
CVE-2026-9455 affects Totolink A8000RU Web Management, specifically the UploadOpenVpnCert function in /cgi-bin/cstecgi.cgi. The vulnerability stems from manipulating the FileName argument, causing a remote OS command injection with network access, and a public exploit is indicated (exploit maturi...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization in the /mlflow-artifacts/mpu/ endpoints in --serve-artifacts mode. An attacker can gain unauthorized access to and overwrite artifacts belonging to other users by manipulating artifactpath and pathfilename argument...
CLSA-2026-1779694105 Fix CVE(s): CVE-2026-42307
SECURITY UPDATE: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383 - debian/patches/CVE-2026-42307.patch: fix shell-injection in netrw via...
PT-2026-43046
A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possibl...
CLSA-2026-1779436673 vim: Fix of CVE-2026-42307
CVE-2026-42307: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383...
Exploit for CVE-2024-53667
CVE-2024-53677 — How the Exploit Works and How to Run It V...
PT-2026-42856
In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the...
GHSA-763J-3P5V-JFC6 androidqf: APK download Path Traversal in device APK paths
Summary During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...
androidqf: APK download Path Traversal in device APK paths
Summary During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...
CLSA-2026-1779373678 Fix CVE(s): CVE-2026-42050
SECURITY UPDATE: Heap buffer overflow in XTileImage via overlong filename - debian/patches/CVE-2026-42050.patch: add bounds-check against sizeoffilename in two while-loops in XTileImage in magick/display.c - CVE-2026-42050...
CVE-2026-9102
A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...
Astra Linux - уязвимость в thunderbird
When loading the shared library that provides the OTR protocol implementation, Thunderbird initially attempts to open it using a filename that is not distributed by Thunderbird. If a computer has already been infected with a malicious library from the alternative filename, and the malicious libra...
Astra Linux - уязвимость в firefox, thunderbird
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could lead to reflected file download attacks that potentially trick users into installing malware. This vulnerability affects Firefox 112, Focu...
Astra Linux - уязвимость в jetty9
Jetty is a Java-based web server and servlet engine. In affected versions, servlets that support multipart requests e.g., annotated with @MultipartConfig and call HttpServletRequest.getParameter or HttpServletRequest.getParts may cause an OutOfMemoryError when the client sends a multipart request...
Astra Linux - уязвимость в libreoffice
There is a vulnerability in input validation in the GStreamer integration of The Document Foundation LibreOffice. This allows an attacker to execute arbitrary GStreamer plugins. In affected versions, the filename of the embedded video is not properly escaped when passed to GStreamer. This enables...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid a memory leak in f2fsrename. syzbot reported the following bug: BUG: Memory leak Unreferenced object: 0xffff888127f70830 size 16: Command: “syz.0.23”, PID 6144, jiffies 4294943712 Hex dump first 16...
Regular Expression Denial of Service (ReDoS)
Overview multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the Content-Disposition filename parameter parsing. An attacker can cause excessive resource consumption and block the...
NPM: multiparty vulnerable to ReDoS via filename parsing
NPM: multiparty vulnerable to ReDoS via filename parsing vulnerability discovered by ? in WordPress Npm multiparty versions = 4.2.3...