1296 matches found
Discourse Backup File Disclosure Via Default Nginx Configuration
Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore--LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...
WordPress Plugin File Manager (wp-file-manager) Backup Disclosure
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fmbackups directory with a .htaccess file. This results in the ability for unauthenticated users to browse and download any site backups, which sometimes include full database backups, that the plugin has taken...
CVE-2026-9834 WP Database Backup <= 7.11 - Authenticated (Administrator+) OS Command Injection via 'wp_db_exclude_table' Parameter
The WP Database Backup – Unlimited Database & Files Backup by Backup for WP plugin for WordPress is vulnerable to OS Command Injection in all versions up to and including 7.11 via the wpdbexcludetable parameter. This is due to the direct concatenation of user-supplied $POST'wpdbexcludetable' valu...
OPENSUSE-SU-2026:21166-1 Security update for nano
This update for nano fixes the following issues: Changes in nano: - Update to version 9.1: When searching, the viewport is placed snug left where possible. The ability to read and write files in old Mac format a lone carriage return as line ending was removed. The ^T toggle between WhereIs and...
CVE-2026-13514
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
GHSA-4XG6-52MH-FPW8 Incus: Nil-pointer dereference in createDependentVolumesFromBackup on disk.{Volume,VolumeSnapshots,Pool}
Summary backend.createDependentVolumesFromBackup in internal/server/storage/backend.go contains a cluster of unguarded pointer derefs on every dependent-volume entry's VolumeSnapshotsi, Volume, and Pool sub-fields. An authenticated user with cancreateinstances permission on any project can crash...
GHSA-VXP5-584Q-C479 Incus has arbitrary file read+write on host via templates/ symlink in malicious image
Summary A specially crafted image or instance backup can be used to read or create/write arbitrary files on the host; possibly leading to arbitrary command execution. Details For container images, internal/server/storage/utils.go calls archive.UnpackimageFile, destPath, .... The tar extraction pa...
DEBIAN-CVE-2026-9639
Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with cancreatestoragevolumes permissions to cause a denial of service via a specially crafted custom-volume backup tarball that omits the expiresat snapshot field...
PT-2026-53013
Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description A flaw exists where a specially crafted container image or instance backup can be used to read or create and write arbitrary files on the host, potentially leading to arbitrary command executio...
Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...
GHSA-48X2-6PR9-2JJF Network-AI: EnvironmentManager.restore() backup ID path traversal copies arbitrary directories into environment data
Summary EnvironmentManager.restoreenv, backupId computes the backup path with joinenvDir, '.backups', backupId and only checks that this path exists. It does not resolve the result or verify that it remains under data//.backups. A caller can pass a traversal backup ID such as...
GHSA-2FMP-9RVW-HC96 Network-AI: Poisoned environment backup manifest allows arbitrary recursive deletion during backup pruning
Summary EnvironmentManager.listBackups reads each backup's manifest.json and trusts the manifest's path field. EnvironmentManager.pruneBackups later passes that trusted entry.path directly to rmSyncentry.path, recursive: true, force: true . An attacker who can place or modify a manifest inside...
Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...
BIT-DISCOURSE-2026-45775 Discourse: Cross-site backup access via path traversal in multisite local backups
Discourse is an open-source discussion platform. From versions 2026.1.0 to before 2026.1.4, 2026.3.0 to before 2026.3.1, and 2026.4.0 to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator on one site in a multisite deployment to...
wannacry-soc-lab
WannaCry SOC Investigation Lab Overview This project simu...
CVE-2026-45775
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator on one site in a...
CVE-2026-45775 Discourse: Cross-site backup access via path traversal in multisite local backups
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator on one site in a...
EUVD-2026-36559
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator on one site in a...
CVE-2026-45775
Discourse, a multi-site capable open-source discussion platform, has a path traversal vulnerability in its backup handling that could let an authenticated administrator on one site access backup files from another site on the same host. Affected version ranges include 2026.1.0-latest up to before...
CVE-2026-45775 Discourse: Cross-site backup access via path traversal in multisite local backups
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, a path traversal vulnerability in Discourse backup handling could allow an authenticated administrator on one site in a...