10 matches found
CVE-2026-25674
An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in Django allows an attacker to cause file system objects to be created with incorrect permissions via concurrent requests, where one thread's...
CVE-2025-4953 Podman: build context bind mount
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...
The vulnerability of the Lenovo XClarity Controller (XCC) for Lenovo ThinkSystem servers arises from the lack of measures taken to neutralize specific elements, allowing a perpetrator to execute arbitrary commands.
The vulnerability of the Lenovo XClarity Controller XCC for Lenovo ThinkSystem systems is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created files...
The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the use of an uninitialized pointer on the stack, allowing a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the Siemens Solid Edge design and simulation tools is related to the use of an uninitialized pointer on the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process, through the use of specially created P...
CVE-2022-35295
In SAP Host Agent SAPOSCOL - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves...
Tcl format string error vulnerability
Tcl is a free and available open source package. It provides a powerful platform for creating integrated applications that tie together various applications, protocols, devices, and frameworks. A format string error vulnerability exists in Tcl version 8.6.11, which stems from a format string...
USN-4049-2 glib2.0 vulnerability
USN-4049-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that GLib created directories and files without properly restricting permissions. An attacker could possibly use this iss...
CVE-2019-6530
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution...
The vulnerability of the FortiClient for MAC protection mechanism, which stems from deficiencies in access control, allows attackers to trigger a service failure.
The vulnerability of the FortiClient for MAC protection tool is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to trigger a service failure using specially created files...
Unspecified Vulnerability in IBM MQ Managed File Transfer Agent
IBM MQ Managed File Transfer Agent is a suite of file transfer software from IBM in the United States. The software transfers files between systems in an auditable manner. A security vulnerability exists in IBM MQ Managed File Transfer Agent that arises from the program setting insecure permissio...