1642 matches found
SUSE CVE-2024-3220
There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the...
EUVD-2026-31360
Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments parameter which can lead to file permission bypass. The AddMessage and UpdateMessage conversation controllers accept user-supplied file attachment IDs and load files directly via $em-findFile::class,...
CVE-2026-7886
Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments parameter which can lead to file permission bypass. The AddMessage and UpdateMessage conversation controllers accept user-supplied file attachment IDs and load files directly via $em-findFile::class,...
EUVD-2026-31315
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign, mph, altitude, and timestamp values parsed from external GPS tracking service XML/JSON responses InstaMapper and Google Latitude integration are concatenated into...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSv4: Fixed an issue where uninitialized nfs4label values were used during referral lookups. The already-allocated fattr is sent along with nfs4fslocations, and the memcpy operation of fattr is removed. As a result, two...
EUVD-2026-30864
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...
PT-2026-41864
The file indexer does not normalize the configured directory path. A backend user with permission to edit indexer configurations can index documents from arbitrary locations on the server file system through path traversal sequences...
CVE-2026-45225
Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...
PYSEC-2026-129
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the setpackagedata API function call inside the data object with key "folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary...
PYSEC-2026-129
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the setpackagedata API function call inside the data object with key "folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary...
OSK ATBroker Registry Security Scanner
This program is a defensive Windows security scanner designed to inspect registry locations related to On-Screen Keyboard osk.exe and Accessibility/ATBroker configuration, which are sometimes abused in privilege escalation or persistence attacks...
CVE-2026-44927
In uriparser before 1.0.2, there is pointer difference truncation to int in various places...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the lack of cleanup of output file names. When extracting malicious archive files, t...
EUVD-2026-27285
OpenClaw before 2026.4.10 contains a path traversal vulnerability in the screenrecord tool's outPath parameter that bypasses workspace-only filesystem guards. Attackers can exploit this by specifying an outPath outside the workspace boundary to write files to unintended locations on the system...
Incorrect Authorization
Overview org.apache.polaris:polaris-runtime-service is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this...
CVE-2026-42809 Apache Polaris: staged table creation could vend storage credentials for unvalidated locations
Apache Polaris can issue broad temporary "vended" storage credentials during staged table creation before the effective table location has been validated or durably reserved. Those temporary credentials are meant to limit the scope of accessible table data and metadata, but this scope limitation...
EUVD-2026-27039
In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...
Apache Polaris 输入验证错误漏洞
Apache Polaris is a data management and query service component of the Apache Foundation. Apache Polaris has a vulnerability related to input validation, which stems from skipping expected position checks when only the write.metadata.path property is changed. This may lead to metadata being writt...
Apache Polaris 输入验证错误漏洞
Apache Polaris is a data management and query service component of the Apache Foundation. Apache Polaris has a vulnerability related to input validation. This vulnerability arises from the lack of verification or proper retention of valid table locations during the creation of phase tables,...
WordPress plugin Ona 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...