Lucene search
K

6 matches found

NVD
NVD
added 10 hours ago2 views

CVE-2026-22102

A POST request sent to a specific webserver endpoint can be used to write to arbitrary file locations. The endpoint accepts the filename parameter in the Content-Disposition header without verification. This can be used to cause a denial of service by overwriting system files, or...

9.3CVSS
Exploits0References1
OSV
OSV
added 2026/01/22 5:16 a.m.8 views

AZL-75195 CVE-2026-24049 affecting package python-wheel 0.43.0-1

wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...

7.1CVSS7.9AI score0.00311EPSS
Exploits2References1
Snyk
Snyk
added 2026/01/01 6:29 a.m.7 views

Arbitrary Code Injection

Overview datamodel-code-generator is a Datamodel Code Generator Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper sanitization of filenames used in generated headers. An attacker can provide a maliciously crafted filename containing Python syntax or esca...

5.4CVSS7.2AI score
Exploits0References3
OSV
OSV
added 2024/07/04 3:15 p.m.1 views

DEBIAN-CVE-2024-39929

Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mimefilename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users...

5.4CVSS6.7AI score0.41225EPSS
Exploits5References1
CNNVD
CNNVD
added 2024/07/04 12:0 a.m.4 views

Exim Security Vulnerabilities

Exim is an open source messaging agent MTA running on Unix systems that routes, forwards and delivers mail. A security vulnerability exists in Exim 4.97.1 and earlier versions, which stems from incorrectly parsing multiple lines of RFC 2231 header filenames, so that a remote attacker can bypass t...

5.4CVSS6.9AI score0.41225EPSS
Exploits5References8
AstraLinux
AstraLinux
added 2024/06/26 1:32 p.m.7 views

Astra Linux – Vulnerability in exim4

In versions of Exim up to 4.97.1, Misparse processes multi-line RFC 2231 header filenames. As a result, remote attackers can bypass the protection mechanism that blocks $mimefilename extensions, and potentially deliver executable attachments to the mailboxes of end users...

5.4CVSS6.9AI score0.41225EPSS
Exploits5References3
Rows per page
Query Builder