Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.25 views

PT-2026-44007

Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get resource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...

8.7CVSS5.8AI score0.00409EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.9 views

CVE-2026-40515

OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission checker. Attackers can invoke the built-in grep and glob tools with sensitive root directories that are not...

8.7CVSS5.8AI score0.0023EPSS
Exploits1References1
OSV
OSV
added 2026/03/18 3:27 p.m.3 views

SUSE-SU-2026:20905-1 Security update for busybox

This update for busybox fixes the following issues: Changes in busybox: - CVE-2026-26157: Fixed arbitrary file overwrite and potential code execution via incomplete path sanitization. bsc1258163 - CVE-2026-26158: Fixed arbitrary file modification and privilege escalation via unvalidated tar archi...

7CVSS6.5AI score0.00682EPSS
Exploits2References5
Github Security Blog
Github Security Blog
added 2026/01/26 9:2 p.m.11 views

pnpm has Windows-specific tarball Path Traversal

Summary A path traversal vulnerability in pnpm's tarball extraction allows malicious packages to write files outside the package directory on Windows. The path normalization only checks for ./ but not .. On Windows, backslashes are directory separators, enabling path traversal. This vulnerability...

6.5CVSS5.9AI score0.00433EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2026/01/18 12:0 a.m.8 views

ESM.sh path traversal vulnerability

esm.sh is an open-source content distribution network developed by esm.sh. esm.sh has a path traversal vulnerability; this vulnerability stems from incomplete path cleaning, which may lead to path traversal...

8.7CVSS5.8AI score0.00476EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2013/08/20 1:45 p.m.18 views

Google Chrome 29 Fixes 25 Vulnerabilities

There are 25 fresh security patches in the newest version of Google Chrome, including fixes for a number of high-severity vulnerabilities. Chrome 29 also includes a number of performance enhancements. Google regularly pushes out new versions of its browser every few weeks, and sometimes will only...

7.5CVSS3AI score0.01627EPSS
Exploits0References7
securityvulns
securityvulns
added 2008/08/01 12:0 a.m.27 views

Citrix Metaframe Privilege escalation

Autorun item path is not fully specified...

3.9AI score
Exploits0References1Affected Software2
Rows per page
Query Builder