Lucene search
K

5400 matches found

Cvelist
Cvelist
added 2026/07/01 2:39 p.m.34 views

CVE-2026-58126 PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service

PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...

9.8CVSS0.00963EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/07/01 1:49 p.m.6 views

CVE-2026-23537 Feast: unauthenticated arbitrary file write

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS6.2AI score0.00568EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 1:49 p.m.32 views

CVE-2026-23537 Feast: unauthenticated arbitrary file write

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS0.00568EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 12:26 p.m.8 views

CVE-2026-8387

A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting .zip archives using the ZipFile.extractall method in StorageManager.extracttocache. This issue arises due to the lack of path traversal validation, enabling an attacker to...

2.4CVSS6.5AI score0.00357EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

openSUSE 16 Security Update : python-py7zr (openSUSE-SU-2026:21159-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21159-1 advisory. Changes in python-py7zr: - CVE-2026-23879: crafted malicious symbolic link chains in an archive can lead to an arbitrary file write bsc1268669 -...

8.7CVSS6.2AI score0.00404EPSS
Exploits0References9
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries...

4.8CVSS0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 11:16 p.m.5 views

Directory Traversal

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

4.8CVSS6.5AI score0.00164EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 11:16 p.m.4 views

Directory Traversal

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

4.8CVSS6.5AI score0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 3:51 p.m.34 views

CVE-2026-58166 OpenBMB ChatDev - Unauthenticated Path Traversal in Upload Handler Allows Arbitrary File Write and Delete

OpenBMB ChatDev through 2.2.0, fixed in commit 4fd4da6, contains a path traversal vulnerability that allows unauthenticated remote attackers to write or delete arbitrary files by supplying a malicious multipart filename in the file upload endpoint. Attackers can send a crafted filename containing...

9.1CVSS0.00628EPSS
Exploits0References4
CVE
CVE
added 2026/06/30 3:51 p.m.26 views

CVE-2026-58166

OpenBMB ChatDev

9.1CVSS6AI score0.00628EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/30 11:10 a.m.9 views

CVE-2026-40987

A flaw was found in Spring Integration. A malicious or compromised FTP File Transfer Protocol, SFTP SSH File Transfer Protocol, or SMB Server Message Block server can exploit this vulnerability. This allows the server to write arbitrary files with attacker-controlled content to any location on th...

7.1CVSS6.2AI score0.0021EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/30 5:14 a.m.9 views

CVE-2026-56876

A flaw was found in extract-zip. This vulnerability allows a remote attacker to craft a malicious zip file containing symbolic links that point to locations outside the intended extraction directory. When a user extracts this malicious archive, extract-zip fails to validate the symlink targets,...

8.6CVSS6AI score0.00346EPSS
Exploits1References5
EUVD
EUVD
added 2026/06/30 4:30 a.m.7 views

EUVD-2026-40253

The PixMagix – WordPress Image Editor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.7.2 via the moveimageonserver function. This makes it possible for authenticated attackers, with author-level access and above, to write files with...

6.5CVSS5.9AI score0.00541EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-57966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on th...

4.4CVSS6AI score0.00135EPSS
Exploits0References4
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-265 NASA AMMOS Instrument Toolkit: Path traversal resulting in arbitrary file append (can be triggered over the network by unauthenticated attacker)

Summary The Binary Stream Capture BSC component exposes an unauthenticated HTTP API for dynamically creating packet capture “handlers.” Because the code blindly trusts path‑related form fields, a remote client can: - Bypass the configured log root and direct BSC to log to arbitrary filesystem...

9.1CVSS6.1AI score0.00163EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-353 H2O has an External Control of File Name or Path vulnerability

A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. This is achieved by exploiting the /3/Parse endpoint to inject attacker-controlled data as the header of an empty file, which is then exported using the...

9.1CVSS8AI score0.00629EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-531 Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK

Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...

9.9CVSS5.8AI score0.0195EPSS
Exploits0References7
OSV
OSV
added 2026/06/29 11:50 a.m.9 views

PYSEC-2026-558 Unstructured has Path Traversal via Malicious MSG Attachment that Allows Arbitrary File Write

A Path Traversal vulnerability in the partitionmsg function allows an attacker to write or overwrite arbitrary files on the filesystem when processing malicious MSG files with attachments. Impact An attacker can craft a malicious .msg file with attachment filenames containing path traversal...

9.8CVSS8.1AI score0.00616EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-469 PraisonAI vulnerable to arbitrary file write via path traversal in `praisonai recipe unpack`

| Field | Value | |---|---| | Severity | Critical | | Type | Path traversal -- arbitrary file write via tar.extract without member validation | | Affected | src/praisonai/praisonai/cli/features/recipe.py:1170-1172 | Summary cmdunpack in the recipe CLI extracts .praison tar archives using raw...

9.4CVSS6AI score0.00379EPSS
Exploits1References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-408 MCP Atlassian has an arbitrary file write leading to arbitrary code execution via unconstrained download_path in confluence_download_attachment

Summary The confluencedownloadattachment MCP tool accepts a downloadpath parameter that is written to without any directory boundary enforcement. An attacker who can call this tool and supply or access a Confluence attachment with malicious content can write arbitrary content to any path the serv...

9CVSS6.7AI score0.0226EPSS
Exploits1References6
Rows per page
Query Builder