Arbitrary Code Injection

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Arbitrary Code Injection via modification of the resources folder when the embeddedAsarIntegrityValidation...

PT-2025-23611

Name of the Vulnerable Software and Affected Versions Python versions 3.12 and later Description The issue allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data" when using the tarfile module to extract untrusted tar archives. This affects users o...

CVE-2022-29062

Multiple relative path traversal vulnerabilities CWE-23 in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to write to the underlying filesystem with nginx permissions via crafted HTTP requests...

CVE-2022-34271

A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0...

Relative Path Traversal

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Relative Path Traversal through the save-workflow functionality. An attacker can write arbitrary JSON files on the filesystem by exploiting this vulnerability. PoC...

Linux Distros Unpatched Vulnerability : CVE-2018-16874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Go before 1.10.6 and 1.11.x before 1.11.3, the go get command is vulnerable to directory traversal when executed with the import path of a malicious Go packa...

CVE-2024-47808

A vulnerability has been identified in SINEC NMS All versions V3.0 SP1. The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to...

PT-2024-8717 · Siemens · Sinec Nms

Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V3.0 SP1 Description: A vulnerability has been identified in the affected application, which contains a database function that does not properly restrict the permissions of users to write to the filesystem of the...

CVE-2023-50780 Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

DEBIAN-CVE-2024-36137

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...

The vulnerability of the Permission Model component in the Node.js software platform allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of the Permission Model component in the Node.js software platform is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to compromise the confidentiality and integrity of protected information when the --allow-fs-write flag is used...

nodejs: improper handling of wildcards in --allow-fs-read and --allow-fs-write

A flaw was found in the Node.js Permission Model, where it is not clarified in the documentation that wildcards should only be used as the last character of a file path. For example: --allow-fs-read=/home/node/.ssh/.pub will ignore pub and give access to everything after .ssh/...

CVE-2023-44402 ASAR Integrity bypass via filetype confusion in electron

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specifi...

openssh: Remote code execution in ssh-agent PKCS#11 support

A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...

CVE-2023-35852

CVE-2023-35852 is a Suricata vulnerability where, before version 6.0.13, an adversary controlling an external source of rules could cause a dataset filename (from a rule) to trigger absolute or relative directory traversal, enabling write access to a local filesystem. The issue arises in the rule...

PT-2023-25338 · Elfinder · Elfinder

Name of the Vulnerable Software and Affected Versions: elFinder versions prior to 2.1.62 Description: The issue allows path traversal in the PHP LocalVolumeDriver connector due to incomplete validity checking of supplied request parameters. This can be exploited by allowing untrusted users to wri...

CVE-2023-29478

BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution...

SUSE CVE-2015-3083

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

SUSE CVE-2015-3085

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on...

SUSE CVE-2020-8131

Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package...