37 matches found
CVE-2026-54394
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...
CVE-2026-54394 MISP organisation logo path traversal allows retrieval of arbitrary PNG/SVG files
MISP contains a path traversal vulnerability in OrganisationsController::getOrgLogo. The vulnerable code builds organisation logo file paths using organisation-controlled fields such as id, name, and uuid without ensuring that the resolved file remains inside the intended APP/files/img/orgs/...
CVE-2026-54394
The CVE-2026-54394 entry describes a path traversal vulnerability in MISP's OrganisationsController::getOrgLogo. The vulnerable code constructs paths to organisation logos using fields like id, name, and uuid without enforcing that the resolved path stays under APP/files/img/orgs/. An attacker ab...
Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands
Impact The LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences e.g., ../../../etc/passwd to: - Read arbitrary files from the file system accessible to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cgroup: The cgroupgetfromid function must check that the looked-up key is a directory. The cgroup object must be a kernfs directory; otherwise, a kernel panic will occur, especially when the cgroup ID is provided from the user...
PT-2026-34803
Name of the Vulnerable Software and Affected Versions melange versions 0.32.0 through 0.43.3 Description An attacker capable of influencing a configuration file, such as in build-as-a-service or pull-request-driven CI scenarios, can manipulate the pipeline.uses variable to include absolute paths ...
GHSA-MVWX-582F-56R7 pyload-ng: Incomplete Tar Path Traversal Fix in UnTar._safe_extractall via os.path.commonprefix Bypass
Summary The safeextractall function in src/pyload/plugins/extractors/UnTar.py uses os.path.commonprefix for its path traversal check, which performs character-level string comparison rather than path-level comparison. This allows a specially crafted tar archive to write files outside the intended...
OESA-2026-1667 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP...
UBUNTU-CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
CVE-2026-23942
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses string...
EEF-CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd
Summary Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP sshsftpd module allows Path Traversal. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl and program routines sshsftpd:iswithinroot/2. The SFTP server uses...
EUVD-2014-1140
Malware in sbrugna...
CVE-2025-54387 IPX is Vulnerable to Path Traversal via Prefix Matching Bypass
IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path...
FreshRSS 安全漏洞
FreshRSS is a free, self-hosted RSS aggregator from FreshRSS Open Source. A security vulnerability exists in FreshRSS versions prior to 1.26.2, which stems from an improper directory existence check and could lead to information disclosure...
SUSE CVE-2025-37785
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...
Linux Distros Unpatched Vulnerability : CVE-2022-48638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kern...
DEBIAN-CVE-2022-48638
In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroupgetfromid must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace...
rpm: checks for unsafe symlinks are not performed for intermediary directories
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threa...
CLSA-2023-1685631809 git: Fix of 2 CVEs
CVE-2022-24765: fix safe.directory key not being checked in setup.c - CVE-2022-29178: avoid failing dir ownership check - some unstable tests were disabled...