CVE-2026-5535

A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...

CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal

A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...

CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal

A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...

CVE-2026-5535

FedML-AI FedML up to 0.8.9 has a path traversal flaw in the MQTT Message Handler’s FileUtils.java triggered by manipulating the dataSet argument. The issue is remotely exploitable and an exploit has been publicly released. Affected component: MQTT Message Handler (FileUtils.java) within FedML-Fed...

PT-2026-30406

Name of the Vulnerable Software and Affected Versions FedML-AI FedML versions up to 0.8.9 Description A security flaw exists in FedML-AI FedML up to version 0.8.9, specifically within the MQTT Message Handler component. Manipulation of the dataSet argument in an unknown function of the file...

EUVD-2023-25261

Malicious code in bioql PyPI...

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

CVE-2024-48202

icecms =3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile...

CVE-2024-48202

IceCMS

CVE-2024-48236

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java file...

CVE-2024-48236

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java file...

CVE-2024-48236

An issue in ofcms 1.1.2 allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the ofcms-admin\src\main\java\com\ofsoft\cms\core\uitle\FileUtils.java file...

PT-2024-33047 · Ofcms · Ofcms

Name of the Vulnerable Software and Affected Versions: ofcms version 1.1.2 Description: The issue allows a remote attacker to execute arbitrary code via the FileOutputStream function in the write String method of the FileUtils.java file. This is located in the...

CVE-2024-48236

CVE-2024-48236 concerns OFCMS 1.1.2. The issue exists in the admin-side FileUtils.java, specifically the FileOutputStream usage inside the write String method, which enables a remote attacker to execute arbitrary code. The descriptions across sources consistently identify this as a remote-code-ex...

CVE-2023-35670

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Path traversal

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-35670

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-35670

Android CVE-2023-35670 arises from a path traversal flaw in FileUtils.java (computeValuesFromData) that can allow inserting files into other apps’ external private directories. This enables local elevation of privilege without additional execution privileges or user interaction, as described in t...