18 matches found
CVE-2026-50877
An issue in Zhoros SuperBin v1.0.0 allows attackers to execute a directory traversal via supplying files with names containing traversal characters...
CVE-2026-34371 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal
LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...
CVE-2026-34371
LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...
CVE-2026-34371 LibreChat Affected by Arbitrary File Write via `execute_code` Artifact Filename Traversal
LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the executecode sandbox when persisting code-generated artifacts. On deployments using the default local file strategy, a malicious artifact filename containing traversal sequences f...
CVE-2026-34750 Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...
CVE-2026-23484
Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the fileName parameter is not filtered, allowing path traversal to write files anywhere on the file system. Moreover, this interface only requires authProcedure normal user, not superAdminAuthMiddleware. At time o...
CVE-2025-22873 Improper access to parent directory of root in os
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...
SUSE-SU-2026:20195-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396. - CVE-2026-24883: denial of service due to long signature packet length causing parsesignature to return success with sig-data set to a NULL...
MiracleLinux 7 : ruby-2.0.0.648-36.el7 (AXSA:2019-4276:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4276:03 advisory. ruby: HTTP response splitting in WEBrick CVE-2017-17742 ruby: DoS by large request in WEBrick CVE-2018-8777 ruby: Buffer under-read in Stringunpack...
ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal', 'Description' = %q This module exploits a directory traversal vulnerabili...
PYSEC-2023-29
Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1...
PT-2023-16171 · Froxlor · Froxlor
Name of the Vulnerable Software and Affected Versions: froxlor versions prior to 2.0.0 Description: The issue is related to Path Traversal, where the sequence '..filename' can be used to access files outside the intended directory. This affects the GitHub repository froxlor/froxlor...
Fortinet FortiClient 路径遍历漏洞
Fortinet FortiClient is a structured agent from Fortinet, Inc. It is used to provide protection, compliance, and secure access in a single modular lightweight client. A path traversal vulnerability exists in Fortinet FortiClient that stems from an input validation error when processing a director...
UBUNTU-CVE-2021-40153
squashfsopendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations...
CVE-2016-10977
The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...
SecurEnvoy SecurMail Directory Traversal Vulnerability
SecurEnvoy SecurMail is an email application from SecurEnvoy USA. A directory traversal vulnerability exists in SecurEnvoy SecurMail versions prior to 9.2.501. A remote attacker can send a directory traversal vulnerability to the secupload2/upload.aspx file by sending a file with the '...' sequen...
tomcat: unexpected file deletion in work directory
Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename...
PT-2010-1277 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 5.5.0 through 5.5.28 Apache Tomcat versions 6.0.0 through 6.0.20 Description: The issue allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename. When deploying WAR file...