339 matches found
PT-2026-5975
Name of the Vulnerable Software and Affected Versions Comic Book Reader version 1.0.95 Description A flaw exists in the file import process of Comic Book Reader that allows for arbitrary file overwrites. Successful exploitation could lead to arbitrary code execution or the disclosure of sensitive...
CVE-2026-23890
pnpm is a package manager. Prior to version 10.28.1, a path traversal vulnerability in pnpm's bin linking allows malicious npm packages to create executable shims or symlinks outside of nodemodules/.bin. Bin names starting with @ bypass validation, and after scope normalization, path traversal...
CVE-2026-23986
Copier is a library and CLI app for rendering project templates. Prior to version 9.11.2, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it...
Vulnserver-Buffer-Overflow-Automation
Vulnserver-Buffer-Overflow-Automation A modular Python 3 autom...
OPENSUSE-SU-2026:20072-1 Security update for podman
This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...
CVE-2026-0895
The extension extends TYPO3’ FileSpool component, which was vulnerable to Insecure Deserialization prior to TYPO3-CORE-SA-2026-004 https://typo3.org/security/advisory/typo3-core-sa-2026-004 . Since the related fix is overwritten by the extension, using the extension with a patched TYPO3 core...
PT-2026-3545
Name of the Vulnerable Software and Affected Versions TYPO3 FileSpool Extension affected versions not specified Description The FileSpool extension for TYPO3 contains a flaw related to Insecure Deserialization. The extension’s code, derived from the TYPO3 core, reintroduces a previously addressed...
MiracleLinux 8 : php:7.4 (AXSA:2022-3857:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3857:01 advisory. ArchiveTar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked CVE-2020-28948 ArchiveTar: improper filename...
MiracleLinux 7 : php-pear-1.9.4-23.el7 (AXSA:2022-4004:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4004:01 advisory. ArchiveTar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked CVE-2020-28948 ArchiveTar: improper filename...
GuardDog 路径遍历漏洞
GuardDog is a CLI tool in GuardDog open source that allows identifying malicious PyPI packages. A path traversal vulnerability exists in GuardDog versions prior to 2.7.1, which stems from the presence of path traversal in the safeextract function, which could lead to arbitrary file overwriting an...
MiracleLinux 7 : openssh-7.4p1-23.0.3.0.3.el7.AXS7 (AXSA:2025-10789:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10789:04 advisory. CVE-2018-20685: fix a vulnerability scp client where a malicious server could bypass intended access restrictions and modify target directory...
EUVD-2026-1873
DevToys is a desktop app for developers. In versions from 2.0.0.0 to before 2.0.9.0, a path traversal vulnerability exists in the DevToys extension installation mechanism. When processing extension packages NUPKG archives, DevToys does not sufficiently validate file paths contained within the...
CVE-2020-10665
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker...
PT-2026-20978
Name of the Vulnerable Software and Affected Versions libssh-config versions prior to 0.11.4-1.1 Description The software is susceptible to a denial of service condition resulting from inefficient handling of regular expressions. Recommendations Update to libssh-config version 0.11.4-1.1 or later...
PT-2026-20976
Name of the Vulnerable Software and Affected Versions libssh-config affected versions not specified Description The software is susceptible to a denial of service due to improper handling of configuration files. Recommendations At the moment, there is no information about a newer version that...
CVE-2025-68144
In mcp-server-git versions prior to 2025.12.17, the gitdiff and gitcheckout functions passed user-controlled arguments directly to git CLI commands without sanitization. Flag-like values e.g., --output=/path/to/file for gitdiff would be interpreted as command-line options rather than git refs,...
Model Context Protocol Servers 参数注入漏洞
Model Context Protocol Servers is a large model context protocol server from Model Context Protocol open source. A parameter injection vulnerability exists in versions of Model Context Protocol Servers prior to 2025.12.17, which stems from the gitdiff and gitcheckout functions passing...
CVE-2025-13950
CVE-2025-13950 affects the OneSignal – Web Push Notifications WordPress plugin. It allows unauthenticated modification of data (App ID, REST API key, and notification behavior) via POST requests due to a missing capability check in settings handling for all versions up to 3.6.1. The issue is netw...
Arbitrary File Upload
open-webui is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded file content types and user-controlled filenames, which allows an attacker to overwrite critical files and potentially execute arbitrary code...
Unrestricted File Upload
dnn.platform is vulnerable to Unrestricted File Upload. The vulnerability is due to the default HTML editor provider allowing unauthenticated file uploads and overwriting of existing files, which allows an attacker to upload malicious files, deface the website, and potentially inject XSS payloads...