37 matches found
Denial Of Service (DoS)
github.com/google/osv-scalibr is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of empty directory responses in the filesystem traversal fallback path, which allows an attacker to trigger an out-of-bounds access (index out of range) leading to a panic and...
SUSE CVE-2026-32146
Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient validation or confinement ...
SUSE CVE-2025-13425
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
EUVD-2025-198300
OSV-SCALIBR has NULL Pointer Dereference...
OSV-SCALIBR has NULL Pointer Dereference
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
GHSA-F786-75F3-74XJ OSV-SCALIBR has NULL Pointer Dereference
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
Improper Validation of Array Index
Overview: Affected versions of this package are vulnerable to Improper Validation of Array Index in the fs/diriterate/diriterate.go:Next function. An attacker can cause the application to crash by triggering a filesystem traversal fallback path that leads to an over-indexing of an empty slice when...
CVE-2025-13425
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
CVE-2025-13425 Denial of Service in OSV-SCALIBR
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
CVE-2025-13425 Denial of Service in OSV-SCALIBR
A bug in the filesystem traversal fallback path causes fs/diriterate/diriterate.go:Next to overindex an empty slice when ReadDir returns nil for an empty directory, resulting in a panic (index out of range) and an application crash (denial of service) in OSV-SCALIBR...
CVE-2025-13425
OSV-SCALIBR (CVE-2025-13425) is a vulnerability in the Go-based OSV-SCALIBR project where the filesystem traversal fallback path overindexes an empty slice in fs/diriterate/diriterate.go:Next() if ReadDir returns nil for an empty directory, causing a panic and a potential denial-of-service. Affec...
PT-2025-47589
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-13425. Description: A flaw exists in the filesystem traversal fallback path, specifically within the fs/diriterate/diriterate.go:Next function. This issue causes an overindex on an empty slice when the ReadDir function...
[SECURITY] Fedora 43 Update: python-rignore-0.7.1-1.fc43
rignore is a Python module that provides a high-performance, Rust-powered file system traversal functionality. It wraps the Rust ignore crate using PyO3, offering an efficient way to walk through directories while respecting various ignore rules...
EUVD-2017-17000
Malware in sbrugna...
EUVD-2024-2100
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-3178
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to othe...
CVE-2024-50404
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central...
BIT-OPENCART-2024-21518
This affects versions of the package opencart/opencart from 4.0.0-0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An...
GHSA-M7R8-2R98-VPPJ Zip slip in opencart
This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An...
CVE-2024-21518
This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An...