
24 matches found

EUVD
added 2026/05/26 4:2 p.m. | 8 views

EUVD-2026-31852

Traccar is an open source GPS tracking system. Prior to 6.13.0, DeviceResource.uploadImage authorizes the target device only through Condition.PermissionUser.class, getUserId, Device.class and then immediately streams the uploaded body into mediaManager.createFileStream.... Unlike the generic...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.0003
Exploits: 0 | References: 1

RedhatCVE
added 2025/10/29 10:14 p.m. | 7 views

CVE-2025-64095

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, the default HTML editor provider allows unauthenticated file uploads and images can overwrite existing files. An unauthenticated user can upload and replace existing files...

CVSS: 10 | AI score: 6.6 | EPSS: 0.20172
Exploits: 3 | References: 1

CVE
added 2025/10/28 9:46 p.m. | 29 views

CVE-2025-64095

Summary (CVE-2025-64095) : DNN (DotNetNuke) versions before 10.1.1 are vulnerable to an unrestricted file upload due to the default HTML editor provider, allowing unauthenticated users to upload and overwrite files. This can enable website defacement and, when combined with other issues, potentia...

CVSS: 10 | AI score: 6.2 | EPSS: 0.20172
In wild | Exploits: 3 | References: 1 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2006-1143

Malware in sbrugna...

CVSS: 6.4 | AI score: 6.4 | EPSS: 0.00809
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2006-6456

Malware in sbrugna...

CVSS: 10 | AI score: 6.4 | EPSS: 0.00357
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-15420

Malware in sbrugna...

CVSS: 6.5 | AI score: 6.5 | EPSS: 0.00423
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2006-6421

Malware in sbrugna...

CVSS: 4.9 | AI score: 6.4 | EPSS: 0.00064
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2024-41265

Malicious code in bioql PyPI...

CVSS: 8.4 | AI score: 6.6 | EPSS: 0.00024
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:20 p.m. | 6 views

CVE-2020-22661

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtua...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00423
Exploits: 0

RedhatCVE
added 2025/05/21 10:26 p.m. | 5 views

CVE-2006-6473

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwri...

CVSS: 10 | AI score: 7.2 | EPSS: 0.00357
Exploits: 0 | References: 1

SUSE CVE
added 2024/06/24 11:23 p.m. | 1 views

SUSE CVE-2024-6287

Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases that could allow an attacker to bypass memory range restriction and overwrite ...

CVSS: 7.8 | AI score: 7.7 | EPSS: 0.0001
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 5:32 a.m. | 1 views

SUSE CVE-2014-0134

The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

CVSS: 3.5 | AI score: 6.5 | EPSS: 0.00201
Exploits: 0 | References: 4

Vulnrichment
added 2023/01/20 12:0 a.m. | 8 views

CVE-2020-22661

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 (SCG200) before 3.6.2.0.795, SmartZone 100 (SZ-100) before 3.6.2.0.795, SmartZone 300 (SZ300) before 3.6.2.0.795, Virtua...

AI score: 6.6 | EPSS: 0.00423
Exploits: 0 | References: 2

OSV
added 2021/03/16 10:15 p.m. | 0 views

CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to...

CVSS: 8.8 | AI score: 7.5
Exploits: 0 | References: 1

RedHat Linux
added 2020/04/14 12:30 p.m. | 1 views

buildah: Crafted input tar file may lead to local file overwrite during image build process

A path traversal flaw was found in Buildah. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTPS server and then write files to the user's system anywhere that the user has permissions...

CVSS: 9.3 | AI score: 7.3 | EPSS: 0.00258
Exploits: 1 | References: 4

OSV
added 2018/02/14 12:29 p.m. | 1 views

CVE-2018-2395

Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files...

CVSS: 8.8 | AI score: 5.8
Exploits: 0 | References: 3

0day.today
added 2017/02/07 12:0 a.m. | 25 views

Responsive Filemanger 9.11.0 - Arbitrary File Disclosure Vulnerability

Exploit for php platform in category web applications + Exploit Title: Responsive Filemanger = 9.11.0 - Arbitrary File Disclosure/Deletion + Date: 7 Feb 2017 + Vulnerability and Exploit Author: Wiswat Aswamenakul + Vendor Homepage: http://www.responsivefilemanager.com/ + Affected version: only...

AI score: 0.1
Exploits: 0

OSV
added 2016/01/12 7:59 p.m. | 3 views

DEBIAN-CVE-2015-7548

OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty), when using libvirt to spawn instances and use_cow_images is set to false, allow remote authenticated users to read arbitrary files by overwriting an instance disk with a crafted image and requesting a snapshot...

CVSS: 3.5 | AI score: 6.7 | EPSS: 0.00172
Exploits: 0 | References: 1

PyPA
added 2014/05/08 2:29 p.m. | 3 views

PYSEC-2014-112

The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

CVSS: 3.5 | AI score: 6.6 | EPSS: 0.00201
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2012/08/20 6:55 p.m. | 1 views

DEBIAN-CVE-2012-3447

virt/disk/api.py in OpenStack Compute (Nova) 2012.1.x before 2012.1.2 and Folsom before Folsom-3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image that uses a symlink that is only readable by root. NOTE: this vulnerability exists because of an...

CVSS: 4.9 | AI score: 6.9 | EPSS: 0.00925
Exploits: 1 | References: 1