48 matches found
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack in the template repository generation process. An attacker can access or modify files outside the intended directory by leveraging symlinked or non-regular paths. Remediation Upgrade...
CVE-2026-45195
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...
EUVD-2025-210298
GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder without user approval via a file-handler URI parameter to fetchwebpage. Therefore, exfiltration could occur if there is indirect prompt injection...
CVE-2026-47910 Dreamweaver Desktop | Incorrect Authorization (CWE-863)
Dreamweaver Desktop versions 21.7 and earlier are affected by an Incorrect Authorization vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issu...
EUVD-2026-29742
Substance3D - Designer versions 15.1.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories...
Adobe Commerce 路径遍历漏洞
Adobe Commerce is a leading global digital business solution for businesses and brands offered by Adobe in the United States. Adobe Commerce has a path traversal vulnerability, which stems from improper path name restrictions. This vulnerability may allow arbitrary file system reads and writes...
CVE-2026-5383
Summary: CVE-2026-5383 affects runZero Explorer, described as an incorrect authorization (CWE-863) that could allow access to Explorer groups from outside the authorized organization scope. It is scored CVSSv3.1: AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L (4.4, Medium) and has been fixed in runZero Expl...
CVE-2026-33748
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...
PT-2026-28526
Name of the Vulnerable Software and Affected Versions BuildKit versions prior to 0.28.1 Description Insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted...
CVE-2026-4371
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
CVE-2026-26228
VideoLAN VLC for Android prior to version 3.7.0 contains a path traversal vulnerability in the Remote Access Server routing for the authenticated endpoint GET /download. The file query parameter is concatenated into a filesystem path under the configured download directory without canonicalizatio...
CVE-2025-40605
CVE-2025-40605 affects SonicWall Email Security appliances and is a path traversal vulnerability that lets an attacker manipulate file system paths by inserting directory-traversal sequences (e.g., ../) to access files outside restricted paths. The advisory set confirms related fixes in SonicWall...
CVE-2025-9345
CVE-2025-9345 : Path Traversal to Arbitrary File Download in the WordPress plugin “File Manager, Code Editor, and Backup by Managefy.” Affected versions: all up to 1.4.8. Root cause per sources: authenticated users (Subscriber level and higher) can leverage ajax_downloadfile() to access files out...
CVE-2011-10010
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the...
rack: rubygem-rack: Local File Inclusion in Rack::Static
A flaw was found in RackRubygems, where Rack::Static does not properly sanitize user-supplied paths before serving files. Specifically, encoded path traversal sequences are not correctly validated, allowing attackers to access files outside the designated static file directory. This flaw allows a...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15.2, which stems from the fact that an application may be able to read and write files outside of its sandbox...
bubblewrap and flatpak security update
An update is available for bubblewrap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Bubblewrap /usr/bin/bwrap is a core execution engine for unprivileged...
flatpak: Access to files outside sandbox for apps using persistent= (--persist)
A sandbox escape vulnerability was found in Flatpak due to a symlink-following issue when mounting persistent directories. This flaw allows a local user or attacker to craft a symbolic link that can bypass the intended restrictions, enabling access to and modification of files outside the...
SUSE CVE-1999-0183
Linux implementations of TFTP would allow access to files outside the restricted directory...