107 matches found
CVE-2026-3345
IBM Langflow Desktop =1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
CVE-2026-29050
melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, an attacker who can influence a melange configuration file — for example through pull-request-driven CI or build-as-a-service scenarios — could set pipeline.uses to a...
CVE-2026-29050 melange has Path Traversal When Resolving External Pipelines via Unvalidated pipeline[].uses
melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, an attacker who can influence a melange configuration file — for example through pull-request-driven CI or build-as-a-service scenarios — could set pipeline.uses to a...
PT-2026-34803
Name of the Vulnerable Software and Affected Versions melange versions 0.32.0 through 0.43.3 Description An attacker capable of influencing a configuration file, such as in build-as-a-service or pull-request-driven CI scenarios, can manipulate the pipeline.uses variable to include absolute paths ...
CVE-2026-4917 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
CVE-2026-4917
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
CVE-2026-4917 IBM Guardium Data Protection is affected by multiple vulnerabilities
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
PT-2026-34581
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...
Directory Traversal
Overview scitokens is a SciToken reference implementation library Affected versions of this package are vulnerable to Directory Traversal via the checkscope and scopepathmatches functions. An attacker can gain unauthorized access to restricted directories by including dot-dot .. sequences in the...
EUVD-2025-37199
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
CVE-2025-3356
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view, overwrite, or append to arbitrary files on the system...
CVE-2025-3355
IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
PT-2025-44450
Name of the Vulnerable Software and Affected Versions IBM Tivoli Monitoring versions 6.3.0.7 through 6.3.0.7 Service Pack 21 Description The software potentially allows a remote attacker to access files on the system outside of the intended directories. This is achieved by sending a crafted URL...
EUVD-2003-0152
Malware in sbrugna...
EUVD-2006-3323
Malware in sbrugna...
EUVD-2004-0405
Malware in sbrugna...
EUVD-2003-0411
Malware in sbrugna...
EUVD-2020-28790
Malware in sbrugna...
CVE-2025-36114 IBM QRadar SOAR Plugin App path traversal
IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...
PT-2025-34063 · Ibm · Ibm Soar Qradar Plugin App
Name of the Vulnerable Software and Affected Versions: IBM QRadar SOAR Plugin App versions 1.0.0 through 5.6.0 Description: The IBM QRadar SOAR Plugin App may allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing “dot dot”...