Lexmark Security Vulnerabilities
Lexmark is a series of printers produced by the American company Lexmark. Several Lexmark products have security vulnerabilities, which stem from relative path traversal in the embedded solution framework, potentially allowing for the execution of arbitrary code. The following products are...
Relative Path Traversal
Overview. safecmd: call commands safely by checking them rigorously against an allow-list. Affected versions of this package are vulnerable to Relative Path Traversal via the extractcommands function, which lacks proper validation of relative paths. An unauthenticated attacker could gain access t...
Relative Path Traversal
Overview. @vltpkg/tar is an extremely limited and very fast tar extractor. Affected versions of this package are vulnerable to Relative Path Traversal via improper sanitization of file paths during the extraction process. An attacker can overwrite arbitrary files on the filesystem by crafting ta...
Relative Path Traversal
Overview. @pnpm/package-bins is a that returns bins of a package. Affected versions of this package are vulnerable to Relative Path Traversal via the commandsFromBin function when performing bin name validation and normalization. An attacker can create or overwrite arbitrary files outside the...
CVE-2025-55130
A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...
CVE-2026-1022
Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
CVE-2026-1022 Gotac|Statistics Database System - Arbitrary File Read
Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
CVE-2026-1022
The CVE-2026-1022 entry concerns Gotac’s Statistics Database System and an Arbitrary File Read vulnerability. Unauthenticated remote attackers can use Relative Path Traversal to download arbitrary system files. Multiple connected sources (NVD, Red Hat, CVE List, EUVD, CIRCL, etc.) corroborate the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003754)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003754 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...
Gotac Statistics Database System security vulnerabilities
The Gotac Statistics Database System is a statistical database system developed by Gotac in Taiwan, China. The Gotac Statistics Database System has a security vulnerability, which stems from an arbitrary file reading vulnerability. This vulnerability could allow unverified remote attackers to...
PT-2026-3209
Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001334 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003746)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003746 advisory. Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. Tenable has extracted the preceding description...
CVE-2023-43825
Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...
CVE-2021-31538
LANCOM R Unified Firewall UF devices running LCOS FX 10.5 allow Relative Path Traversal...
CVE-2023-29004
hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A Path Traversal vulnerability was found in the current version of Roxy-WI 6.3.9.0 at the moment of writing this report. The vulnerability can be exploited via an HTTP request to /app/options.py and the...
CVE-2023-4914
Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1...