ROS-20260608-73-0013

The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

ROS-20260526-73-0022

Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

Astra Linux - уязвимость в curl

Curl versions 7.20.0 through 7.70.0 are vulnerable to improper restrictions on the names of files and other resources, which can lead to overwriting of local files when the -J flag is used...

ROS-20260508-73-0005

Vulnerability in rubygem-activestorage related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

ROS-20260420-73-0043

Vulnerability in incus related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

CVE-2026-25177

Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...

ROS-20260310-73-0035

Vulnerability in python-wheel related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

Advisory ROSA-SA-2026-3204

Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 unaffected versions = vim-8.0.1763-21.0.1.rv3 affected versions vim-8.0.1763-21.0.0.1.rv3 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...

Advisory ROSA-SA-2026-3140

Software: git 2.43.5 OS: ROSA Virtualization 3.0 unaffected versions = git-2.43.5-3.rv30 affected versions git-2.43.5-3.rv30 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...

Advisory ROSA-SA-2026-3135

Software: git 2.43.5 OS: ROSA Virtualization 2.1 unaffected versions = git-2.43.5-3.rv3 affected versions git-2.43.5-3.rv3 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path na...

ROS-20260129-73-0058

Vulnerability in mariadb11.8 related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

EUVD-2022-4893

Malicious code in bioql PyPI...

The vulnerability in the web interface of the microprogramming software for Digital Optical Network Systems Infinera G42 allows a intruder to gain unauthorized access to protected information.

The vulnerability of the web interface of Microprogramming Software for Digital Optical Network Systems Infinera G42 is related to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...

The vulnerability of the CLI component of the Brocade Fabric OS operating system allows a hacker to disclose protected information.

The vulnerability of the CLI component of the Brocade Fabric OS operating system is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

CVE-2023-0046

Improper Restriction of Names for Files and Other Resources in GitHub repository lirantal/daloradius prior to master-branch...

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the incorrect limitation of the path name in the restricted access catalog, allowing attackers to read and write arbitrary files.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to an incorrect limitation on the name of the path to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...

PT-2025-1292

Name of the Vulnerable Software and Affected Versions Microsoft Office OneNote affected versions not specified Description The issue is related to incorrect restriction of file names and other resources in Microsoft Office OneNote. This can allow an attacker to execute arbitrary code...

PT-2024-36785 · Redcap · Redcap

Name of the Vulnerable Software and Affected Versions: REDCap versions prior to 15.0.0 Description: A stored cross-site scripting XSS vulnerability in the Project name of REDCap allows authenticated users to inject malicious scripts into the name field of a Project. When a user clicks on the...

The vulnerability of Ollama’s system for running and managing large language models lies in the improper restriction on the path name to the restricted-access catalog, which allows a violator to trigger a service failure.

The vulnerability of the Ollama system for running and managing large language models is related to an incorrect restriction on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to trigger a service failure...

The vulnerability of the Ivanti Cloud Services Appliance’s network interface, related to incorrect path name restrictions for the restricted access catalog, allows attackers to escalate their privileges.

The vulnerability of the Ivanti Cloud Services Appliance relates to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...