669 matches found
CVE-2026-6940
radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying absolute paths that escape the configured dir.projects root directory. Attackers can craft absolute paths to project marker files...
CVE-2026-6940
CVE-2026-6940 : radare2 versions before 6.1.4 contain a path traversal vulnerability in the project deletion feature. A local attacker can supply absolute paths that escape the dir.projects root to recursively delete arbitrary directories, by targeting project marker files outside the project sto...
GHSA-V762-X3CF-5MFG Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...
uutils coreutils 路径遍历漏洞
uutils coreutils is a cross-platform core command-line toolset developed by Uutils. uutils coreutils has a path traversal vulnerability. This vulnerability stems from the chmod utility, which allows users to bypass the --preserve-root security mechanism. As a result, it only verifies whether the...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010872)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010872 advisory. In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of...
goshs 路径遍历漏洞
Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs prior to 2.0.0-beta.6 contained a path traversal vulnerability. This vulnerability stemmed from the SFTP subsystem’s sanitizePath function, which used prefix-based path validation. As a result,...
GHSA-XJVP-7243-RG9H Wish has SCP Path Traversal that allows arbitrary file read/write
Summary The SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../...
PT-2026-37134
Name of the Vulnerable Software and Affected Versions Wish versions 2.0.0 through 2.0.0 Description The SCP middleware in charm.land/wish/v2 is subject to path traversal. A malicious SCP client can read and write arbitrary files, as well as create directories outside the configured root directory...
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...
CVE-2026-39859
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...
Missing Write Protection for Parametric Data Values
Overview Affected versions of this package are vulnerable to Missing Write Protection for Parametric Data Values through improper sanitization of the destination path in the rename process. An attacker can overwrite files outside the intended root directory by supplying crafted destination paths...
Missing Write Protection for Parametric Data Values
Overview Affected versions of this package are vulnerable to Missing Write Protection for Parametric Data Values through improper sanitization of the destination path in the rename process. An attacker can overwrite files outside the intended root directory by supplying crafted destination paths...
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...
GHSA-2943-CRP8-38XX goshs is Missing Write Protection for Parametric Data Values
Summary The SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. Details Here is the issue: go // helper.go:155-215 func cmdFileroot string, r sftp.Request, ip string, sftpServer SFTPServer error fullPath...
goshs is Missing Write Protection for Parametric Data Values
Summary The SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. Details Here is the issue: go // helper.go:155-215 func cmdFileroot string, r sftp.Request, ip string, sftpServer SFTPServer error fullPath...
CVE-2026-40188
goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4...
PT-2026-32038
Name of the Vulnerable Software and Affected Versions: goshs versions 1.0.7 through 2.0.0-beta.4 Description: goshs is a SimpleHTTPServer written in Go. The SFTP command rename sanitizes only the source path and not the destination, allowing a write outside of the root directory of the SFTP. This...
goshs 安全漏洞
Goshs is a simple HTTP server developed by Patrick Hener using Go language. Versions of Goshs from 1.0.7 to 2.0.0-beta.4 contained security vulnerabilities. These vulnerabilities stemmed from the SFTP command rename, which only cleaned up the source path but did not clean up the target path,...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which arises when the target is replaced by a symbolic link during the Root.Chmod operation,...
liquidjs 路径遍历漏洞
LiquidJS is a simple, expressive, secure, and compatible JavaScript template engine developed by Jun Yang. Versions of LiquidJS prior to 10.25.3 had a path traversal vulnerability, which stemmed from the lack of enforcement of root directory restrictions, potentially allowing access to arbitrary...