CVE-2026-21716

An incomplete fix for CVE-2024-36137 leaves FileHandle.chmod and FileHandle.chown in the promises API without the required permission checks, while their callback-based equivalents fs.fchmod, fs.fchown were correctly patched. As a result, code running under --permission with restricted...

CVE-2026-21716

An incomplete fix for CVE-2024-36137 leaves FileHandle.chmod and FileHandle.chown in the promises API without the required permission checks, while their callback-based equivalents fs.fchmod, fs.fchown were correctly patched. As a result, code running under --permission with restricted...

Node.js 20.x < 20.20.2 Multiple Vulnerabilities (Tuesday, March 24, 2026 Security Releases).

The version of Node.js installed on the remote host is prior to 20.20.2. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, March 24, 2026 Security Releases advisory. - A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of ...

GHSA-364Q-W7VH-VHPC OliveTin's unsafe parsing of UniqueTrackingId can be used to write files

When the saveLogs feature is enabled, OliveTin persists execution log entries to disk. The filename used for these log files is constructed in part from the user-supplied UniqueTrackingId field in the StartAction API request. This value is not validated or sanitized before being used in a file...

EUVD-2020-30466

Malware in sbrugna...

EUVD-2020-25028

Malware in sbrugna...

EUVD-2025-7076

Malicious code in bioql PyPI...

EUVD-2021-8491

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-36137

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission...

VulnCheck KEV: CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070...

CVE-2020-9682

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to arbitrary file system write...

CVE-2020-3763

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write...

Adobe Creative Cloud < 5.2 Multiple Vulnerabilities (APSB20-33)

The version of Adobe Creative Cloud installed on the remote Windows host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-33 advisory. - Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability...

CVE-2024-41867

CVE-2024-41867 affects Adobe After Effects versions 23.6.6, 24.5 and earlier, with an out-of-bounds read that could disclose sensitive memory and bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). remediation is via Adobe APSB24-55 security update (fixed in 23.6....

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2024-41867 After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

APSB24-55 : Security update available for Adobe After Effects

Adobe has released an update for Adobe After Effects for Windows and macOS. This update addresses critical, important and moderate security vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak and arbitrary file system write in the context of the current us...

Adobe After Effects < 23.6.9 / 24.0 < 24.6 Multiple Vulnerabilities (APSB24-55)

The version of Adobe After Effects installed on the remote Windows host is prior to 23.6.9, 24.6. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB24-55 advisory. - After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability...

PT-2024-5138

Name of the Vulnerable Software and Affected Versions: Node.js affected versions not specified Description: A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. The Node.js Permission Model does not operate on...

BIT-MAGENTO-2021-28584 Magento Commerce path traversal vulnerability in child theme store creation

Magento versions 2.4.2 and earlier, 2.4.1 and earlier and 2.3.6 and earlier are affected by a Path Traversal vulnerability when creating a store with child theme.Successful exploitation could lead to arbitrary file system write by an authenticated attacker. Access to the admin console is required...