21 matches found
CVE-2026-40048
CVE-2026-40048 – Apache Camel PQC deserialization flaw : The Camel-PQC FileBasedKeyLifecycleManager deserializes the contents of .key files in the configured key directory via java.io.ObjectInputStream without ObjectInputFilter or class-loading restrictions. The vulnerable step is that the cast t...
CVE-2026-40048 Apache Camel PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager
The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of .key files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to java.security.KeyPair is evaluated only after readObject has...
EUVD-2026-12548
The mailqueue TYPO3 extension has Insecure Deserialization in TransportFailure class...
CVE-2026-1323
The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...
CVE-2025-15561
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The executab...
CVE-2025-66461
FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed...
CVE-2025-66461
FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed...
EUVD-2025-201699
FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed...
CVE-2025-66461
Summary: The CVE-2025-66461 vulnerability affects GS Yuasa’s FULLBACK Manager Pro. The issue is unquoted file paths for two Windows services, enabling local user with write access to the installation directory to execute arbitrary code with SYSTEM privileges. Affected product (from sources): FULL...
PT-2025-49543
FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed...
SonicWall SMA100 SSL-VPN Path Traversal Vulnerability
The SonicWall SMA100 is a secure access gateway appliance from SonicWall USA. A path traversal vulnerability exists in the SonicWall SMA100, which can be exploited by a user with SSLVPN privileges to inject a path traversal sequence that can be used by an attacker to make any directory writable...
CVE-2025-32820
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can inject a path traversal sequence to make any directory on the SMA appliance writable...
CVE-2025-32820
CVE-2025-32820 affects SonicWall SMA100/10.x SSL-VPN appliances. An authenticated SSLVPN user with low privileges can inject a path traversal sequence to make any directory on the SMA writable (world-writable). Public write access to system dirs can enable follow-on abuse or facilitate privilege ...
SonicWALL SMA100 安全漏洞
The SonicWall SMA100 is a secure access gateway appliance from SonicWall USA. A path traversal vulnerability exists in the SonicWall SMA100, which can be exploited by a user with SSLVPN privileges to inject a path traversal sequence that can be used by an attacker to make any directory writable...
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:3163-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3163-1 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site ...
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...
CVE-2020-25507
An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged attacker to execute arbitrary code as root. During installation, the user is instructed to set the system enviroment file with world writable permissions 0777...
Kenhys Td Agent Builder Permission License and Access Control Issues Vulnerability
Kenhys Td Agent Builder is a Ruby-based software for collecting various types of log information by the individual developer Kenhys. Fluentd td-agent-builder plugin before 2020-12-18 A security vulnerability exists that could be exploited by an attacker to gain privileges because the bin director...
CVE-2019-20384
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64/nagios/plugins directory by leveraging access to the nagios user account, because this directory is writable in between a call to emake and a call to fowners...
DEBIAN-CVE-2018-13405
The inodeinitowner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigge...