Lucene search
K

37 matches found

NVD
NVD
added 2026/06/21 4:16 p.m.13 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS0.00098EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/21 3:52 p.m.28 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS0.00098EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/21 3:52 p.m.6 views

CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...

6.5CVSS5.8AI score0.00098EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/21 12:0 a.m.11 views

PT-2026-51245

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description The xmlwf tool contains an integer overflow related to the output filename when the -d outputDir option is utilized. An integer overflow occurs when a mathematical operation results in a value that...

6.5CVSS5.9AI score0.00098EPSS
Exploits0References7
CVE
CVE
added 2026/06/19 5:3 p.m.16 views

CVE-2026-49286

CVE-2026-49286 - PhpWeasyPrint : The library (prior to 2.6.0) guards the output filename against the phar:// stream wrapper with a case-sensitive blacklist. Because PHP stream wrappers are case-insensitive, inputs like PHAR://, Phar:// bypass the check and reach fileExists() in prepareOutput(), a...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References4
Hacker One
Hacker One
added 2026/05/28 8:54 a.m.24 views

curl: curl External-Controlled Filename in `--url @file` Leads to Arbitrary File Overwrite

Vulnerability Report: curl External-Controlled Filename in --url @file Leads to Arbitrary File Overwrite 1. Product Overview curl is a widely used command-line tool and library libcurl for transferring data with URL syntax across multiple protocols such as HTTP, HTTPS, and FTP. It is preinstalled...

5.7AI score
Exploits0
Debian CVE
Debian CVE
added 2026/05/07 7:41 p.m.11 views

CVE-2026-39817

The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...

5.9CVSS5.9AI score0.0017EPSS
Exploits0
Snyk
Snyk
added 2026/04/28 2:16 a.m.5 views

SQL Injection

Overview sqlite-mcp is an A lightweight Model Context Protocol server for allowing LLMs to autonomously interact with SQLite database. Affected versions of this package are vulnerable to SQL Injection via the extracttojson function. An attacker can execute arbitrary SQL commands by manipulating t...

7.5CVSS7.5AI score0.00277EPSS
Exploits0References2
NVD
NVD
added 2026/04/28 1:16 a.m.7 views

CVE-2026-7206

A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS0.00277EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/28 12:45 a.m.35 views

CVE-2026-7206 dubydu sqlite-mcp entry.py extract_to_json sql injection

A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extracttojson of the file src/entry.py. Performing a manipulation of the argument outputfilename results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

7.5CVSS0.00277EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.12 views

SQLite MCP Server 注入漏洞

SQLite MCP Server is a lightweight tool developed by Doo Bui, an individual developer, that allows large models to operate SQLite databases autonomously. Versions of SQLite MCP Server 0.1.0 and earlier contained a vulnerability due to incorrect handling of the outputfilename parameter in the...

7.5CVSS7.2AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2026/04/22 4:16 p.m.3 views

CVE-2018-25267

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

6.9CVSS0.00181EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/22 2:57 p.m.1 views

CVE-2018-25267

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

6.9CVSS6AI score0.00181EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/22 2:57 p.m.7 views

CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

6.9CVSS6AI score0.00181EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/22 2:57 p.m.30 views

CVE-2018-25267 UltraISO 9.7.1.3519 Buffer Overflow via Output FileName

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

6.9CVSS0.00181EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

EZB Systems UltraISO 缓冲区错误漏洞

EZB Systems UltraISO is a disc image editing tool developed by EZB Systems Corporation. Version 9.7.1.3519 of EZB Systems UltraISO contains a buffer overflow vulnerability. This vulnerability stems from a local buffer overflow in the Output FileName field of the “Make CD/DVD Image” dialog box. It...

6.9CVSS6.1AI score0.00181EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-34463

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite...

6.9CVSS6AI score0.00181EPSS
Exploits1References4
NVD
NVD
added 2026/04/08 10:16 p.m.5 views

CVE-2026-40027

ALEAPP Android Logs Events And Protobuf Parser through 3.4.0 contains a path traversal vulnerability in the NQVault.py artifact parser that uses attacker-controlled filenamefrom values from a database directly as the output filename, allowing arbitrary file writes outside the report output...

8.4CVSS0.00192EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.8 views

CVE-2026-28207

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...

7.3CVSS6.1AI score0.00935EPSS
Exploits1References1
NVD
NVD
added 2026/02/26 11:16 p.m.12 views

CVE-2026-28207

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.2, a command injection vulnerability CWE-78 in the Zen C compiler allows local attackers to execute arbitrary shell commands by providing a specially crafted output filename via the -o...

7.3CVSS0.00935EPSS
Exploits1References2
Rows per page
Query Builder