814 matches found
CVE-2026-58522
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally...
EUVD-2026-41652
Relative path traversal in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
CVE-2026-57988
Relative path traversal in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
Microsoft Edge for Android Information Disclosure Vulnerability
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally...
PT-2026-55647
Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A relative path traversal issue exists in Microsoft Edge for Android. This flaw allows an unauthorized attacker to disclose information locally. Path traversal is a techniq...
PT-2026-55622
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A relative path traversal issue exists that allows an unauthorized attacker to execute code over a network. Path traversal is a flaw that allows an attacker to access...
Relative Path Traversal
Overview langroid is a Harness LLMs with Multi-Agent Programming Affected versions of this package are vulnerable to Relative Path Traversal through improper validation of user-supplied file paths in the ReadFileTool and WriteFileTool components. An attacker can access or modify files outside the...
DEBIAN-CVE-2026-44941
A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...
CVE-2026-44941
A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...
EUVD-2026-41406
A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root...
CVE-2026-8387 Relative Path Traversal in allegroai/clearml
A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting .zip archives using the ZipFile.extractall method in StorageManager.extracttocache. This issue arises due to the lack of path traversal validation, enabling an attacker to...
PT-2026-54931
Name of the Vulnerable Software and Affected Versions allegroai/clearml versions prior to 2.1.6 Description Relative path traversal occurs during the extraction of .zip archives via the ZipFile.extractall method within the StorageManager. extract to cache function. This is caused by a lack of pat...
CVE-2026-25707
A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...
UBUNTU-CVE-2026-25707
A relative path traversal bug problem when processing repository metadata in libzypp before 17.38.10 could be used by remote attackers supplying repositories to overwrite files on the system, leading to denial of service or privilege escalation...
extract-zip unvalidated symlink path traversal
RISK EVALUATION extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip will extract the symlink without validation, allowing it to point outside the...
EUVD-2026-39334
Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
CVE-2026-45188
Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
OESA-2026-2705 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...
OESA-2026-2704 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...
OESA-2026-2703 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Relative Path Traversal, Improper Isolation or...