7 matches found
EUVD-2019-6926
Malware in sbrugna...
EUVD-2023-24183
Malicious code in bioql PyPI...
Gradio Allows Unauthorized File Copy via Path Manipulation
An arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy any readable file from the server's filesystem. While attackers can't read these copied files, they can cause DoS by copying large files like /dev/urandom to fill disk space. Description The...
CVE-2025-1125 Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write
When reading data from an HFS filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the size of its internal buffers; however, it fails to properly check for integer overflows. A maliciously crafted filesystem may lead some of those buffer size...
PT-2022-4139 · Rockwell Automation · Isagraf Workbench
Name of the Vulnerable Software and Affected Versions: Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 Description: The issue is related to a Path Traversal vulnerability, where crafted malicious files can allow an attacker to traverse the file system when opened by...
Unspecified vulnerability in calipso
Calipso is a simple Node.js content management system. Built on themes similar to Drupal and WordPress, it is designed to be fast, flexible and simple. calipso has a security vulnerability that can be exploited by an attacker to overwrite files on any file system...
Winace UnAce 1.x - ACE Archive Directory Traversal
Source: https://www.securityfocus.com/bid/12628/info A remotely exploitable client-side directory-traversal vulnerability affects Winace unace. The application fails to properly sanitize file and directory names contained within malicious ACE...