CVE-2023-32231

An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution...

CVE-2025-47273 setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with...

PT-2025-17875 · Allegra +1 · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. The specific flaw exists within the implementation of the isZipEntryValide method, which...

CVE-2025-24813

A flaw was found in Apache Tomcat. In certain conditions and configurations, this vulnerability allows a remote attacker to exploit a path equivalence flaw to view file system contents and add malicious content via a write-enabled Default Servlet in Apache Tomcat. For the vulnerability to be...

USN-7266-1: digiKam vulnerabilities

Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2017-0691 It was...

CVE-2024-39332

Webswing 23.2.2 allows remote attackers to modify client-side JavaScript code to achieve path traversal, likely leading to remote code execution via modification of shell scripts on the server...

CVE-2024-50048 fbcon: Fix a NULL pointer dereference issue in fbcon_putcs

In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...

CVE-2024-50048 fbcon: Fix a NULL pointer dereference issue in fbcon_putcs

In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...

kernel: net: openvswitch: fix overwriting ct original tuple for ICMPv6

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

Rockwell Automation ThinManager

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Rockwell Automation Equipment: ThinManager Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could...

CVE-2024-5443 Remote Code Execution via Path Traversal in parisneo/lollms

CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the ExtensionBuilder.buildextension function. The vulnerability arises from the /mountextension endpoint, where a path traversal issue allows attackers to navigate beyond the intended directory structure...

CVE-2023-0598

GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an attacker to insert malicious configuration files in the expected web server execution path and gain full control of the HMI software...

PT-2023-7457 · Ge Digital · Ge Digital Proficy Ifix

Name of the Vulnerable Software and Affected Versions: GE Digital Proficy iFIX versions 6.1 through 6.5 GE Digital Proficy iFIX 2022 Description: The issue is related to incorrect code generation management in the GE Proficy HMI/SCADA iFIX software, which may allow an attacker to gain full contro...

CVE-2022-35292

In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to...

CVE-2021-26630

Improper input validation vulnerability in HANDY Groupware’s ActiveX moudle allows attackers to download or execute arbitrary files. This vulnerability can be exploited by using the file download or execution path as the parameter value of the vulnerable function...

Exchange Rate Race Condition

Lines of code Vulnerability details GAX-01M: Exchange Rate Race Condition | File | Lines | Type ---|---|--- gALCX.sol | L69-L81 | Improper State Assumption Description The gALCX contains a race condition whereby whenever the contract has no stakes such as when the contract is first deployed the...

CVE-2022-23066

In Solana rBPF versions 0.2.26 and 0.2.27 are affected by Incorrect Calculation which is caused by improper implementation of sdiv instruction. This can lead to the wrong execution path, resulting in huge loss in specific cases. For example, the result of a sdiv instruction may decide whether to...

Development Kamel KCFinder 1.7 Shell Upload

Exploit Title : Development Kamel - KCFinder Shell Upload Vulnerability + Date : 25/03/2021 + Exploit Author : RAYAN ALi + Home : http://kamel.tech/ + Discovered By : RAYAN + Vendor Homepage : http://kamel.tech/ + Exploit: + http://localhost/resources/admin/Editor/kcfinder/browse.php?type=files +...

CVE-2021-23879

Unquoted service path vulnerability in McAfee Endpoint Product Removal EPR Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and protect the execution path. Local admin privileg...

CVE-2021-23879

The CVE-2021-23879 entry describes an unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool, before version 21.2. The flaw allows local administrators to execute arbitrary code with elevated privileges by placing files in an insecure path where the tool runs, due to th...