236 matches found
EUVD-2018-4894
Malware in sbrugna...
EUVD-2017-14501
Malware in sbrugna...
EUVD-2005-2658
Malware in sbrugna...
EUVD-2018-15774
Malware in sbrugna...
EUVD-2024-2131
Malicious code in bioql PyPI...
EUVD-2024-54682
Malicious code in bioql PyPI...
EUVD-2023-0231
Malicious code in bioql PyPI...
CVE-2025-7647
The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...
GHSA-CR7Q-2W66-HJCM llama-index-core insecurely handles temporary files
The llama-index-core package, up to version 0.12.44, contains a vulnerability in the getcachedir function where a predictable, hardcoded directory path /tmp/llamaindex is used on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal...
CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: cancle set bad inode after removing name fails The reproducer uses a file0 on a ntfs3 file system with a corrupted ilink. When renaming, the file0's inode is marked as a bad inode because the file name cannot be deleted...
World-Writable NLTK Cache Directory Enables Local Users to Tamper with or Delete NLP Data
Description The llamaindex library sets the NLTK data directory to a subdirectory of the codebase by default e.g., static/nltkcache inside the package directory. In multi-user environments or shared hosting, this directory is world-writable or accessible by multiple users. As a result, any user c...
Insecure Temporary File Handling Vulnerability in llama-index-core
Description The getcachedir function in llama-index-core uses a predictable, hardcoded directory path /tmp/llamaindex on Linux systems without proper security controls. This vulnerability allows attackers on multi-user systems to steal proprietary models, poison cached embeddings, or conduct...
Directory Traversal
Salt is vulnerable to a Directory traversal. The vulnerability is due to improper validation of file paths during cache creation, allowing attackers to write or overwrite files outside the intended cache directory...
SUSE CVE-2025-22238
Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory...
GHSA-8PCP-R83J-FC92 Salt vulnerable to directory traversal attack in file receiving method
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
Salt vulnerable to directory traversal attack in file receiving method
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
GHSA-R546-H3FF-Q585 Salt vulnerable to directory traversal attack in minion file cache creation
Directory traversal attack in minion file cache creation. The master's default cache is vulnerable to a directory traversal attack. Which could be leveraged to write or overwrite 'cache' files outside of the cache directory...
CVE-2024-38824
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
CVE-2024-38824
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
CVE-2024-38824
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...