322 matches found
CVE-2026-58451
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
CVE-2026-58451 Horde IMP < 7.0.1 Path Traversal via Compose.php img src
Horde IMP before 7.0.1 contains a path traversal vulnerability in lib/Compose.php that allows authenticated attackers to read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix in img src URLs. Attackers can bypass the stripos prefix validatio...
CVE-2026-58451
CVE-2026-58451 concerns Horde IMP prior to 7.0.1. A path traversal flaw in lib/Compose.php enables an authenticated attacker to read arbitrary server files by inserting traversal sequences after the CKEditor path prefix in img src URLs. The issue circumvents prefix validation by appending travers...
PT-2026-54913
Name of the Vulnerable Software and Affected Versions Horde IMP versions prior to 7.0.1 Description A path traversal issue exists in the lib/Compose.php file. Authenticated attackers can read arbitrary files from the server filesystem by embedding traversal sequences after a CKEditor path prefix ...
CVE-2026-3796 Qi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access control
A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...
CVE-2026-3796
CVE-2026-3796 affects Qi-ANXIN QAX Virus Removal (Mini Filter Driver component) via ZwTerminateProcess in QKSecureIO_Imp.sys. The vulnerability arises from a manipulation that enables improper access controls; attack is local and there is publicly available exploit. Multiple trusted sources (NVD,...
CVE-2026-2536 opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference
A vulnerability was determined in opencc JFlow up to 20260129. This affects the function ImpDone of the file src/main/java/bp/wf/httphandler/WFAdminAttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The attack may be...
CVE-2026-2536
The vulnerability CVE-2026-2536 affects the opencc JFlow Workflow Engine, specifically the Imp_Done function in WF_Admin_AttrFlow.java. The issue arises from manipulating the File argument, enabling an XML External Entity (XXE) reference. Remote exploitation is possible, and public disclosure of ...
JFlow 代码问题漏洞
JFlow is a low-code BPM development platform open-sourced by Jinan Chicheng opencc in China. Versions of JFlow dated 20260129 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the File parameter in the function ImpDone within the Workflow Engine...
orx-concurrent-bag (>=1.0.0 <=1.16.0), orx-concurrent-iter (>=1.0.0 <=1.22.1) +9 more potentially affected by unknown CVE via orx-pinned-vec (>=0.1.1 <=2.12.0)
orx-pinned-vec CARGO version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =2.14.0 Source cves: unknown CVE Source advisory: OSV:GHSA-H5J3-CRG5-8JQM...
EUVD-2002-0179
Malware in sbrugna...
EUVD-2010-0494
Malware in sbrugna...
EUVD-2010-3677
Malware in sbrugna...
EUVD-2010-4743
Malware in sbrugna...
EUVD-2010-1659
Malware in sbrugna...
EUVD-2002-2003
Malware in sbrugna...
EUVD-2001-0840
Malware in sbrugna...
EUVD-2000-0457
Malware in sbrugna...
EUVD-2005-4075
Malware in sbrugna...