67 matches found
EUVD-2010-0577
Malware in sbrugna...
EUVD-2014-6008
Malware in sbrugna...
EUVD-2024-50155
Malicious code in bioql PyPI...
EUVD-2023-57818
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-30943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user c...
DEBIAN-CVE-2025-46415
A race condition in the Nix, Lix, and Guix package managers allows the removal of content from arbitrary folders. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b...
UBUNTU-CVE-2025-46415
A race condition in the Nix, Lix, and Guix package managers allows the removal of content from arbitrary folders. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b...
CVE-2023-5504
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the Log File Folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default...
CVE-2023-5505
The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally,...
CVE-2019-5447
A path traversal vulnerability in = v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders...
CVE-2024-9842
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders...
PT-2025-1976 · WordPress · Connections Business Directory
Name of the Vulnerable Software and Affected Versions: Connections Business Directory plugin for WordPress versions up to, and including, 10.4.66 Description: The issue is related to insufficient file path validation when deleting a connections image directory, allowing authenticated attackers wi...
CVE-2024-53921
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process...
CVE-2024-53921
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process...
CVE-2024-9842
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders...
CVE-2024-9842
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders...
CVE-2024-9842
CVE-2024-9842 refers to an improper permissions issue in Ivanti Secure Access Client, before version 22.7R4, that allows a local authenticated attacker to create arbitrary folders. Multiple connected advisories corroborate the detail of an attacker with local access exploiting incorrect permissio...
CVE-2024-9842
Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders...
CVE-2024-45315
The Improper link resolution before file access 'Link Following' vulnerability in SonicWall Connect Tunnel version 12.4.3.271 and earlier of Windows client allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service DoS attack...
CVE-2024-45315
The Improper link resolution before file access 'Link Following' vulnerability in SonicWall Connect Tunnel version 12.4.3.271 and earlier of Windows client allows users with standard privileges to create arbitrary folders and files, potentially leading to local Denial of Service DoS attack...