EUVD-2022-15321

Malicious code in bioql PyPI...

CVE-2025-10232

A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2025-10232

A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

CVE-2025-10232 299ko FileManagerAPIController.php delete path traversal

A weakness has been identified in 299ko up to 2.0.0. Affected by this issue is the function getSentDir/delete of the file plugin/filemanager/controllers/FileManagerAPIController.php. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has...

PT-2025-37103

Name of the Vulnerable Software and Affected Versions: 299ko versions up to 2.0.0 Description: A weakness exists in 299ko due to path traversal in the getSentDir/delete function of the plugin/filemanager/controllers/FileManagerAPIController.php file. This issue is remotely exploitable, and the...

CVE-2025-52922

Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated attacker with access to the admin panel could abuse this to: 1 fully map the filesystem structure via the /api/filemanager/files?basefolder= endpoint, 2 create arbitrary directories on the server via...

SUSE CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

Design/Logic Flaw

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-0107

CVE-2022-0107 describes a use-after-free in Chrome OS File Manager API, enabling heap corruption when a user installs a malicious extension via a crafted HTML page. Affected product: Google Chrome on Chrome OS (pre-97.0.4692.71). The Debian security advisory notes a fix in chromium 97.0.4692.71-0...

CVE-2022-0107

Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

Updated chromium-browser-stable packages fix security vulnerability

CVE-2022-0096: Use after free in Storage. CVE-2022-0097: Inappropriate implementation in DevTools. CVE-2022-0098: Use after free in Screen Capture. CVE-2022-0099: Use after free in Sign-in. CVE-2022-0100: Heap buffer overflow in Media streams API. CVE-2022-0101: Heap buffer overflow in Bookmarks...

Chromium: CVE-2022-0107 Use after free in File Manager API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Microsoft Edge (Chromium) < 97.0.1072.55 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 97.0.1072.55. It is, therefore, affected by multiple vulnerabilities as referenced in the January 6, 2022 advisory. - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an...

FreeBSD : chromium -- multiple vulnerabilities (9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9eeccbf3-6e26-11ec-bb10-3065ec8fd3ec advisory. - Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allow...

Google Chrome < 97.0.4692.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 97.0.4692.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202201stable-channel-update-for-desktop advisory. - Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed ...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 97 to the stable channel for Windows, Mac and Linux.This will roll out over the coming days/weeks. Chrome 97.0.4692.71 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...