2616 matches found
CVE-2025-36145
IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...
CVE-2025-36145
IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...
CVE-2025-36145
CVE-2025-36145 affects IBM watsonx.data (Lakehouse) versions 2.2–2.3.1. The issue is inadequate restriction of inbound/outbound connections, enabling an attacker to transfer or modify files without proper controls. Impact: confidentiality/integrity concerns with file operations; no exploit detail...
EUVD-2026-30668
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
CVE-2026-8704
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
DEBIAN-CVE-2026-8704
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
UBUNTU-CVE-2026-8704
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
CVE-2026-8704 Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
CVE-2026-8704 Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
CVE-2026-8704
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...
CVE-2026-8704
CVE-2026-8704 affects Crypt::DSA for Perl, version up to 1.19, where the 2-argument open function can allow existing files to be modified. This is the underlying root cause described across multiple sources. A fixed version is indicated as later than 1.19 (e.g., 1.20 per release notes), with reme...
EUVD-2026-29957
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
F5 BIG-IQ 路径遍历漏洞
F5 BIG-IQ is a software-based cloud management solution developed by F5 Corporation in the United States. This solution supports the delivery of applications and network services across public and private clouds, traditional data centers, and hybrid environments. F5 BIG-IQ has a path traversal...
Important: Red Hat Security Advisory: nginx security update
An update for nginx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
USN-8236-1 slurm-wlm vulnerabilities
It was discovered that Slurm did not correctly handle certain file system operations. An attacker could possibly use this issue to modify files or leak sensitive information. This issue only affected Ubuntu 22.04 LTS. CVE-2023-41914 Ryan Hall discovered that Slurm did not correctly enforce certai...
Astra Linux - уязвимость в libyaml-libyaml-perl
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...
IBM Langflow Desktop 代码注入漏洞
IBM Langflow Desktop is a desktop application for AI process orchestration developed by IBM. Versions 1.0.0 to 1.8.4 of IBM Langflow Desktop contain a code injection vulnerability. This vulnerability allows attackers to execute arbitrary commands with privileges to run the Langflow process,...
CVE-2026-40254
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A rogue Remote Desktop Protocol RDP server can exploit an off-by-one error in the path traversal filter. This allows the server to read, list, or write files in the directory above the client's shared folder when t...
📄 Below Symlink Privilege Escalation
This Python script demonstrates a potential privilege escalation technique related to CVE-2025-27591, leveraging symbolic link symlink manipulation in a logging directory used by the below utility. Versions prior to 0.9.0 are affected...
EUVD-2026-22679
Unauthenticated Configuration File Modification Vulnerability in DRC Central Office Services COS allows an attacker to modify the server's configuration file, potentially leading to mass data exfiltration, malicious traffic interception, or disruption of testing services...