27 matches found

Snyk
added 2025/11/24 11:31 p.m. · 1 view

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

CVSS 9.8 · AI score 6.8
Exploits 0 · References 2

RedhatCVE
added 2025/10/17 6:41 a.m. · 4 views

CVE-2025-55089

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.2 · AI score 7.2 · EPSS 0.00074
Exploits 1 · References 1

NVD
added 2025/10/16 7:15 a.m. · 4 views

CVE-2025-55089

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.8 · EPSS 0.00074
Exploits 1 · References 1

OSV
added 2025/10/16 7:15 a.m. · 2 views

CVE-2025-55089

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.8 · AI score 7.3
Exploits 0 · References 1

Cvelist
added 2025/10/16 6:33 a.m. · 6 views

CVE-2025-55089 Eclipse ThreadX FileX RAM disk driver buffer overflow

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.2 · EPSS 0.00074
Exploits 1 · References 1

EUVD
added 2025/10/16 6:33 a.m. · 1 view

EUVD-2025-34715

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.2 · AI score 6.7 · EPSS 0.00074
Exploits 1 · References 1

Vulnrichment
added 2025/10/16 6:33 a.m. · 2 views

CVE-2025-55089 Eclipse ThreadX FileX RAM disk driver buffer overflow

In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execution after receiving a crafted sequence of packets...

CVSS 9.2 · AI score 6.9 · EPSS 0.00074
Exploits 1 · References 1

CVE
added 2025/10/16 6:33 a.m. · 9 views

CVE-2025-55089

Eclipse ThreadX FileX RAM disk driver (FileX) prior to version 6.4.2 contains a buffer overflow in the RAM disk path that can be triggered by crafted network packets via NetX Duo HTTP PUT handling. The overflow arises when the RAM-disk buffer is written without validating that the destination poi...

CVSS 9.8 · AI score 6.9 · EPSS 0.00074
Exploits 1 · References 1 · Affected Software 1

Positive Technologies
added 2025/10/16 12:0 a.m. · 2 views

PT-2025-42423

Name of the Vulnerable Software and Affected Versions FileX versions prior to 6.4.2 Description The FileX RAM disk driver, a component of the Eclipse Foundation ThreadX file support module, contains a possible buffer overflow. This issue can lead to remote execution when processing crafted networ...

CVSS 9.8 · AI score 5.9 · EPSS 0.00074
Exploits 1 · References 9

CNNVD
added 2025/10/16 12:0 a.m. · 1 view

Eclipse ThreadX FileX Buffer Error Vulnerability

Eclipse ThreadX FileX is a high-performance, FAT-compatible file system from the Eclipse ThreadX open source. A buffer error vulnerability exists in Eclipse ThreadX FileX versions prior to 6.4.2, which stems from a buffer overflow in the FileX RAM disk driver that could lead to remote code...

CVSS 9.8 · AI score 8.1 · EPSS 0.00074
Exploits 1 · References 1

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2022-41816

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.6 · EPSS 0.01159
Exploits 1 · References 2

Talos
added 2025/07/30 12:0 a.m. · 4 views

Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2088 Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability July 30, 2025 CVE Number CVE-2025-55089 SUMMARY A buffer overflow vulnerability exists in the FileX RAM disk driver functionality of Eclipse ThreadX FileX git commit 1b85eb2. A specially...

CVSS 9.8 · AI score 7.3 · EPSS 0.00074
Exploits 1

RedhatCVE
added 2025/05/22 10:6 p.m. · 4 views

CVE-2022-39343

Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a vali...

CVSS 7.8 · AI score 7.4 · EPSS 0.01159
Exploits 1 · References 1

OSV
added 2025/04/02 2:15 p.m. · 1 view

CVE-2024-45064

A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability...

CVSS 9.8 · AI score 7.8
Exploits 0 · References 2

CNNVD
added 2025/04/02 12:0 a.m. · 1 view

STMicroelectronics X-CUBE-AZRTOS-WL Buffer Error Vulnerability

STMicroelectronics X-CUBE-AZRTOS-WL is an Azure RTOS-based development kit for STM32 microcontrollers from STMicroelectronics, Switzerland. A security vulnerability exists in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0, which stems from a buffer overflow in the FileX internal RAM interface...

CVSS 9.8 · AI score 8.7 · EPSS 0.0088
Exploits 1 · References 2

Positive Technologies
added 2025/04/02 12:0 a.m. · 1 view

PT-2025-14499 · Stmicroelectronics · X-Cube-Azrtos-Wl

Name of the Vulnerable Software and Affected Versions: STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0 Description: A buffer overflow issue exists in the FileX Internal RAM interface functionality, allowing code execution through specially crafted network packets. An attacker can trigger this...

CVSS 8.5 · AI score 8.8 · EPSS 0.0088
Exploits 1 · References 10

NVD
added 2024/01/31 12:16 p.m. · 10 views

CVE-2024-1098

A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The exploit has been disclosed to the public and may b...

CVSS 7.5 · AI score 5.2 · EPSS 0.00245
Exploits 1 · References 3

Prion
added 2024/01/31 12:16 p.m. · 15 views

Design/Logic Flaw

A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The exploit has been disclosed to the public and may b...

CVSS 3.3 · AI score 6.8 · EPSS 0.00245
Exploits 1 · References 3 · Affected Software 1

CNNVD
added 2024/01/31 12:0 a.m. · 2 views

Rebuild Cross-Site Scripting Vulnerability

Rebuild is a highly customizable enterprise management system. A cross-site scripting vulnerability exists in Rebuild 3.5.5 and earlier versions, which stems from a security issue in the getFileOfData function of filex/read-raw, which can lead to cross-site scripting via the parameter url...

CVSS 5.4 · AI score 6 · EPSS 0.00225
Exploits 1 · References 4

Positive Technologies
added 2024/01/31 12:0 a.m. · 1 view

PT-2024-16677 · Rebuild · Rebuild

Name of the Vulnerable Software and Affected Versions: Rebuild versions up to 3.5.5 Description: A vulnerability was found in Rebuild, affecting the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The...

CVSS 7.5 · AI score 4.9 · EPSS 0.00245
Exploits 1 · References 8