CVE-2026-28463
OpenClaw exec-approvals allowlist validation checks pre-expansion argv tokens but execution uses real shell expansion, allowing safe bins like head, tail, or grep to read arbitrary local files via glob patterns or environment variables. Authorized callers or prompt-injection attacks can exploit...
CVE-2024-46664
A relative path traversal (CWE-23) in Fortinet FortiRecorder versions 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to read files from the underlying filesystem via crafted HTTP or HTTPS requests...
CVE-2024-5865
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to a path traversal vulnerability allowing arbitrary file reading outside the web publish directory. Versions 23.1-HF7 and later have the patch...
CVE-2024-5865 Arbitrary File Reading in Centrify PAS
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to a path traversal vulnerability allowing arbitrary file reading outside the web publish directory. Versions 23.1-HF7 and later have the patch...
CVE-2024-5865
CVE-2024-5865 affects Delinea Centrify PAS. The issue is a path traversal vulnerability that allows reading arbitrary files outside the web publish directory in Centrify PAS versions before 23.1-HF7; patches are available in 23.1-HF7 and later. Impact centers on confidentiality (HIGH) with no indi...
CVE-2021-46381
Local File Inclusion due to path traversal in D-Link DAP-1620 leads to unauthorized reading of internal files (/etc/passwd and /etc/shadow)...
SUSE-SU-2020:0331-1 Security update for systemd
This update for systemd fixes the following issues: - CVE-2020-1712 (bsc#1162108): Fix a heap use-after-free vulnerability when asynchronous Polkit queries were performed while handling D-Bus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potential...
IrfanView User Mode Write Access Conflict Vulnerability (CNVD-2019-36931)
IrfanView is an image viewer by the software developer Irfan Skiljan in Bosnia and Herzegovina that supports image browsing, image editing, image format conversion and more. IrfanView 4.53 suffers from a user-mode write access conflict vulnerability. An attacker can exploit this vulnerability to read...
Brave Software: RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context
Summary: #395737 has shown that Brave supports chrome://brave/ URLs. The Brave team introduced a patch which blocks navigation to chrome://brave and removed chrome.remote.require to prevent command execution on the machine. Navigation to chrome://brave via shortcut files. From my understanding: 1...
Brave Software: Local files reading using `link[rel="import"]`
Summary: An HTML file could import another file using `<link rel="import">`. Brave returns an Access-Control-Allow-Origin response header for local HTML files. That leads to local file reading. This vulnerability makes 369218 critical. Products affected: Brave: 0.23.19 V8: 6.7.288.46 rev:...
CVE-2017-7693
Directory traversal vulnerability in viewerscript.jsp in Riverbed OPNET App Response Xpert ARX version 9.6.1 allows remote authenticated users to inject arbitrary commands to read OS files...
CVE-2017-7503
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed...
Siemens Tecnomatix FactoryLink 8.0.1.1473 - Multiple Vulnerabilities
No description provided by source. Sources: http://aluigi.org/adv/factorylink1-adv.txt http://aluigi.org/adv/factorylink2-adv.txt http://aluigi.org/adv/factorylink3-adv.txt http://aluigi.org/adv/factorylink4-adv.txt http://aluigi.org/adv/factorylink5-adv.txt...
Debian Security Advisory DSA 2929-1 (ruby-actionpack-3.2 - security update)
Several vulnerabilities were discovered in Action Pack, a component of Ruby on Rails. CVE-2014-0081: actionview/lib/action_view/helpers/number_helper.rb contains multiple cross-site scripting vulnerabilities. CVE-2014-0082: actionpack/lib/action_view/template/text.rb performs symbol interning on MIME...
PT-2014-03: Arbitrary Files Reading in Nixu Namesurfer
Specialists of the Positive Research Center have detected an Arbitrary Files Reading vulnerability in Nixu Namesurfer. An attacker can read any file on the server with the rights of the namesurf user. How to fix: update your software to the latest version. Advisory status: 16.01.2014 - Vendor...
[PT-2013-17] Arbitrary Files Reading in mnoGoSearch
PT-2013-17 Positive Technologies Security Advisory: Arbitrary Files Reading in mnoGoSearch. Vulnerable software: mnoGoSearch, version 3.3.12 and earlier. Application link:...
mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read
PT-2013-17 Positive Technologies Security Advisory: Arbitrary Files Reading in mnoGoSearch. Vulnerable software: mnoGoSearch, version 3.3.12 and earlier. Application link:...
mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read Vulnerability
Exploit for the CGI platform in category web applications. Vulnerable software: mnoGoSearch, version 3.3.12 and earlier. Application link: http://www.mnogosearch.org/. Severity level: High. Impact: Arbitrary Files Reading. Access Vector: Remote. CVSS v2 Base Score: 7.8. Vector:...
mnoGoSearch 3.3.12 (search.cgi) - Arbitrary File Read
mnoGoSearch 3.3.12 search.cgi - Arbitrary File Read. PT-2013-17 Positive Technologies Security Advisory: Arbitrary Files Reading in mnoGoSearch. Vulnerable software: mnoGoSearch...
PT-2013-17: Arbitrary Files Reading in mnoGoSearch
Positive Technologies experts have detected an Arbitrary Files Reading vulnerability in mnoGoSearch. Passing startup parameters via QUERY_STRING (http://tools.ietf.org/html/draft-robinson-www-interface-00#section-7) to an application running in CGI mode can be used to set the page template path variable...