5010 matches found
EUVD-2026-12297
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
CVE-2026-20990
CVE-2026-20990 stems from an improper export of Android app components in Samsung Secure Folder prior to the SMR Mar-2026 Release 1, enabling local attackers to launch arbitrary activities with Secure Folder privilege. The issue is described as a local-privilege escalation due to component export...
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
WordPress plugin Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-26172
Summary The documents and files module in Admidio does not verify whether the current user has permission to delete folders or files. The folder delete and file delete action handlers in modules/documents-files.php only perform a VIEW authorization check getFolderForDownload / getFileForDownload...
SAMSUNG Secure Folder 安全漏洞
Samsung Secure Folder is a privacy protection software developed by South Korea’s Samsung Corporation. Versions of Samsung Secure Folder prior to the SMR Mar-2026 Release 1 had security vulnerabilities. These vulnerabilities stemmed from improper export of Android application components, which...
PT-2026-25595
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege...
CVE-2026-1883 Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion
The Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the deletefolders function due to missing validation on a user controlled key. This makes it possibl...
CVE-2026-1883
CVE-2026-1883 affects the WordPress plugin Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types. It states that all versions up to 4.1.0 are vulnerable to an Insecure Direct Object Reference (IDOR) in the delete_folders() function due to missing validation on a user-controlle...
CVE-2026-30914
SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...
CVE-2026-30914 SFTPGo has a Path Traversal and Permission Bypass via Path Normalization Discrepancy
SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...
CVE-2026-30914 SFTPGo has a Path Traversal and Permission Bypass via Path Normalization Discrepancy
SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...
CVE-2026-30914
SFTPGo is an open source, event-driven file transfer solution. In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths...
CVE-2026-30914
CVE-2026-30914 — SFTPGo : A path normalization discrepancy between protocol handlers and the internal Virtual Filesystem routing in versions prior to 2.7.1 can allow an authenticated attacker to craft specific file paths to bypass folder-level permissions or escape Virtual Folders. This is mitiga...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
GHSA-X8QH-7475-C5MP SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy
Impact In SFTPGo versions prior to 2.7.1, a path normalization discrepancy between the protocol handlers and the internal Virtual Filesystem routing can lead to an authorization bypass. An authenticated attacker can craft specific file paths to bypass folder-level permissions or escape the...
[SECURITY] Fedora 43 Update: easyrpg-player-0.8.1.1-4.fc43
EasyRPG Player is a game interpreter for RPG Maker 2000/2003 and EasyRPG game s. To play a game, run the "easyrpg-player" executable inside a RPG Maker 2000/2003 game project folder same place as RPGRT.exe...