CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

CVE-2024-4030 tempfile.mkdtemp() may be readable and writeable by all users on Windows

On Windows a directory returned by tempfile.mkdtemp would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile...

Explore the PHP Mkdir function-vulnerability warning-the black bar safety net

A, causes In the reproducibility analysis of Wordpress-5.0.0 RCE of the time, because in the written pictures of the process, according to the picture dirname create the directory, then according to the basename of the write picture. In the directory is successfully created, the premise should be...

Hyperion FTP Server multiple bugs

Buffer overflow in mkdir, USER...