194 matches found
CVE-2024-5986
CVE-2024-5986 affects h2oai/h2o-3 in version 3.46.0.1, where remote attackers can write arbitrary data to any file on the server by abusing the /3/Parse endpoint to inject data as the header of an empty file, then exporting it via /3/Frames/framename/export. This can lead to remote code execution...
PT-2026-5651
Name of the Vulnerable Software and Affected Versions h2o-3 version 3.46.0.1 Description A flaw exists in h2o-3 that permits remote attackers to write arbitrary data to any file on the server. The issue is due to exploiting the /3/Parse API endpoint to inject attacker-controlled data as the heade...
MiracleLinux 9 : rsync-3.2.3-9.el9.2 (AXSA:2022-4046:07)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4046:07 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...
MiracleLinux 7 : rsync-3.1.2-11.el7 (AXSA:2022-3735:05)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3735:05 advisory. rsync: remote arbitrary files write inside the directories of connecting peers CVE-2022-29154 Tenable has extracted the preceding description block directly...
MiracleLinux 7 : wget-1.14-13.el7 (AXSA:2016-1111:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1111:01 advisory. GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you ar...
CVE-2026-21440
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease...
CVE-2026-21440 AdonisJS Path Traversal in Multipart File Handling
AdonisJS is a TypeScript-first web framework. A Path Traversal vulnerability in AdonisJS multipart file handling may allow a remote attacker to write arbitrary files to arbitrary locations on the server filesystem. This impacts @adonisjs/bodyparser through version 10.1.1 and 11.x prerelease...
CVE-2023-53962
The CVE-2023-53962 entry concerns SOUND4 IMPACT/FIRST/PULSE/Eco v2.x with an unauthenticated directory traversal in upload.cgi through the upgfile parameter, enabling remote attackers to write arbitrary files. Exploitation involves crafting multipart form-data POST requests that include directory...
CVE-2025-13659
Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...
CVE-2025-13659
Improper control of dynamically managed code resources in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote, unauthenticated attacker to write arbitrary files on the server, potentially leading to remote code execution. User interaction is required...
CLSA-2025-1763136711 Fix CVE(s): CVE-2022-29154, CVE-2024-12087, CVE-2024-12088
SECURITY UPDATE: malicious remote servers to write arbitrary files inside the directories of connecting peers: - debian/patches/els/0001-CVE-2022-29154.patch: fix insufficient validation of file names. - CVE-2022-29154. SECURITY UPDATE: path traversal vulnerability. -...
CVE-2025-36236
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server formerly known as NIM master service nimesis could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to write arbitrary files on the system...
Exploit for CVE-2025-7401
CVE-2025-7401 Premium Age Verification / Restriction for WordP...
EUVD-2006-2100
Malware in sbrugna...
EUVD-2003-0279
Malware in sbrugna...
EUVD-2018-12639
Malware in sbrugna...
EUVD-2015-1532
Malware in sbrugna...
EUVD-2011-5192
Malware in sbrugna...
EUVD-2017-2812
Malware in sbrugna...
EUVD-2015-6769
Malware in sbrugna...