7 matches found
PT-2026-45480
Name of the Vulnerable Software and Affected Versions pip affected versions not specified Description pip fails to sanitize the resolved absolute path to the installation directory when treating console scripts and gui scripts as paths rather than file names. This allows entry points to be...
Why Unofficial Download Sources Are Still a Security Risk in 2026
Security Risk in 2026: why unofficial download sources still put users at risk, and how to verify safe, official install paths before installing software...
GHSA-3PXQ-F3CP-JMXP OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows
Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in openclaw versions up to and including 2026.3.1. The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related...
OpenClaw: Unified root-bound write hardening for browser output and related path-boundary flows
Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in openclaw versions up to and including 2026.3.1. The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related...
PT-2026-26011
Summary A path-confinement bypass in browser output handling allowed writes outside intended roots in openclaw versions up to and including 2026.3.1. The fix unifies root-bound, file-descriptor-verified write semantics and canonical path-boundary validation across browser output and related...
CVE-2015-7962
SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...
Cyclope Employee Surveillance Solution 6.0/6.1.0/6.2.0/6.2.1/6.3.0 - SQL Injection
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...