
7 matches found

ATTACKERKB
added 2026/05/06 4:21 p.m. | 5 views

CVE-2026-21661

Uncontrolled Search Path Element vulnerability in JohnsonControls AC2000 on Windows allows Leveraging/Manipulating Configuration File Search Paths. This issue affects AC2000: from 10.6 before release 10, from 11.0 before release 9, from 12 before release 3...

CVSS 8.4 | AI score 5.8 | EPSS 0.00108
Exploits: 0 | References: 2 | Affected Software: 1

CNNVD
added 2026/04/11 12:0 a.m. | 3 views

KeePassXC code issue vulnerability

KeePassXC is an open-source cross-platform password manager. KeePassXC has code vulnerabilities, which stem from uncontrolled OpenSSL configuration paths, potentially leading to local privilege escalation...

CVSS 7.3 | AI score 7.2 | EPSS 0.00226
Exploits: 0 | References: 2

CNNVD
added 2026/04/02 12:0 a.m. | 7 views

Rack security vulnerability

Rack is a modular Ruby web server interface developed by the Rack open-source project. Versions of Rack prior to 2.2.23, 3.1.21, and 3.2.6 contained security vulnerabilities. These vulnerabilities stemmed from Rack::Directory allowing the root path of configuration settings to be directly inserte...

CVSS 5.3 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 1

NVD
added 2025/12/24 8:15 p.m. | 7 views

CVE-2019-25257

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

CVSS 8.7 | EPSS 0.0035
Exploits: 1 | References: 3

RedhatCVE
added 2025/12/23 2:31 p.m. | 6 views

CVE-2025-14018

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15...

CVSS 7.3 | AI score 6.9 | EPSS 0.00414
Exploits: 3 | References: 1

Veracode
added 2025/07/16 6:15 p.m. | 4 views

Improper Input Validation

git is vulnerable to improper input validation. The vulnerability is due to improper handling of carriage return (CR) characters in configuration and submodule paths, which allows an attacker to exploit the altered path and potentially trigger unintended execution of a submodule’s post-checkout hoo...

CVSS 8 | AI score 7.2 | EPSS 0.02775
Exploits: 9 | References: 10 | Affected Software: 1

OSV
added 2021/09/29 2:28 p.m. | 6 views

SUSE-SU-2021:3254-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues:
- CVE-2021-32718: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in management UI (bsc1187818).
- CVE-2021-32719: Fixed improper neutralization of script-related HTML tags in a web page (basic XSS) in...

CVSS 7.5 | AI score 5.3 | EPSS 0.01437
Exploits: 2 | References: 8