CVE-2026-42320 GLPI vulnerable to arbitrary file access

GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the GLPIDOCDIR. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure

D-LINK DIR-845L DEVICE.ACCOUNT" - "" condition: and - type: status status: - 200 digest: 4a0a00473045022038ad599642f801f5dbb373416b0cfbf826cb8d95bc2341e510cb8656cbb6332a022...

D-Link DIR-610 Devices - Information Disclosure

D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZEDGROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. id: CVE-2020-9376 info: name: D-Link DIR-610 Devices - Information Disclosure author:...

D-Link DIR-615 - Unauthorized Access

D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. id: CVE-2021-42627 info: name...

D-Link DIR-803 - Authentication Bypass

An authentication bypass vulnerability exists in D-Link DIR-803 routers firmware A1 1.04 and earlier. By manipulating the AUTHORIZEDGROUP parameter in /getcfg.php via newline injection, an attacker can retrieve XML configuration containing administrator credentials without authentication. id:...

D-Link DIR-605 - Information Disclosure

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version - 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page id: CVE-2021-40655 info: name: D-Link DIR-605 - Information Disclosure author: DhiyaneshDK severity: high...

D-Link DIR-816L - Improper Access Control

D-Link DIR-816LFW206b01 is susceptible to improper access control. An attacker can access folders folderview.php and categoryview.php and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-28955 info: name: D-Link DIR-816L - Improper...

openSUSE 16 Security Update : docker-stable (openSUSE-SU-2026:20814-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20814-1 advisory. This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages...

tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape

Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via unsanitized input in the prefix, postfix, or dir parameters during path construction. An attacker can create files outside the intended temporary directory, potentially overwriting or placing files in sensitive...

PT-2026-43627

Summary The tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix, or dir options. By embedding traversal sequences e.g., ../ or path separators in these parameters, attackers can cause file...

CVE-2026-42496

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...

CVE-2026-9400

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

CVE-2026-9400 Edimax BR-6675nD POST Request formUSBStorage command injection

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

CVE-2026-9400

Edimax BR-6675nD (firmware 1.12) is affected by a command-injection in the POST Request Handler’s formUSBStorage function (/goform/formUSBStorage). By manipulating the sub_dir parameter, an attacker can execute arbitrary commands remotely. The CVE description consistently notes a remote attack po...

PT-2026-42971

Name of the Vulnerable Software and Affected Versions Edimax BR-6675nD version 1.12 Description A flaw in the POST Request Handler component allows for remote command injection. The issue exists within the formUSBStorage function located in the '/goform/formUSBStorage' endpoint. An attacker can...

D-Link DIR-601 安全漏洞

The D-Link DIR-601 is a home wireless router produced by D-Link Corporation. The D-Link DIR-601 2.02NA version has a security vulnerability. This vulnerability arises from manipulating the tablename parameter in POST requests, which may allow unauthenticated attackers to retrieve sensitive...

CVE-2026-48234 Open ISES Tickets < 3.44.2 SQL Injection via portal/ajax/list_requests.php sort and dir Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/listrequests.php where the sort and dir GET parameters are concatenated into the ORDER BY clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics ...

CVE-2026-48234

Open ISES Tickets prior to 3.44.2 is affected by CVE-2026-48234, a SQL injection in portal/ajax/list_requests.php where the sort and dir GET parameters are concatenated into the ORDER BY clause without sanitization. Authenticated users can craft requests to alter query semantics, potentially read...

CVE-2026-48234 Open ISES Tickets < 3.44.2 SQL Injection via portal/ajax/list_requests.php sort and dir Parameters

Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/listrequests.php where the sort and dir GET parameters are concatenated into the ORDER BY clause of a SELECT statement without sanitization. Authenticated attackers can craft requests that alter query semantics ...