EUVD-2021-2329

Malware in sbrugna...

EUVD-2022-37713

Malicious code in bioql PyPI...

Improper Access Control

org.apache.jena, jena-fuseki is vulnerable to improper access control. The vulnerability is due to insufficient validation or restriction on file path locations when administrators create database files in Apache Jena, allows creation of files outside the intended directory structure...

CVE-2024-28131

EasyRange Ver 1.41 contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed. If this vulnerability is exploited, arbitrary code may be executed...

CVE-2022-32833

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history...

CVE-2025-27553

Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying 'NameScope.DESCENDENT' promises that "an exception is thrown if the resolved file is not a descendent of the base file...

Debian dla-4056 : golang-glog-dev - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4056 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4056-1 [email protected] https://www.debian.org/lts/security/...

SUSE-SU-2023:4710-1 Security update for hplip

This update for hplip fixes the following issues: - Fixed insecure /tmp file paths inside hppsfilter booklet printing bsc1214399...

Arbitrary file deletion

Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\0' character...

Cross site scripting

Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission...

Citrix Workspace App fails to open ICA file automatically

CWA configuration manager fails to open ICA file automatically with the error message: "ICA Client Configuration Manager: Could not find the file names C:\Users\..\launch.ica. Please check your installation, or contact your administrator."...

Restore Fails for Database with Consecutive Backslash Characters in File Path

Challenge Veeam Explorer for Microsoft SQL Server reports the error: Inconsistent database metadata. See the log for details. Cause One or more database file paths contained multiple consecutive backslash characters when the SQL server was backed up. Solution Clarifying Issue This issue cannot be...