39 matches found
NLTK 安全漏洞
NLTK is an open-source natural language toolkit developed by NLTK. It is used to support research and development in natural language processing. Version 3.9.2 of NLTK contains a security vulnerability, which stems from the improper validation of input paths in the filestring function of the...
CVE-2026-24488 OpenEMR Vulnerable to Arbitrary File Exfiltration via Fax Endpoint
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, an arbitrary file exfiltration vulnerability in the fax sending endpoint allows any authenticated user to read and transmit any file on the server...
CVE-2026-23621
GFI MailEssentials AI versions prior to 22.4 contain an arbitrary directory existence enumeration vulnerability in the ListServer.IsPathExist web method exposed at /MailEssentials/pages/MailSecurity/ListServer.aspx/IsPathExist. An authenticated user can supply an unrestricted filesystem path via...
WordPress Plugin Administrative Shortcodes Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection due to insufficient sanitization of the inputpath for convertdoctopdf. An attacker can execute arbitrary commands by injecting shell metacharacters such as ;, &, |, etc. when specifying the doc file path. Remediation...
GHSA-RX7M-68VC-PPXH PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser
Product: PhpSpreadsheet Version: 3.8.0 CWE-ID: CWE-918: Server-Side Request Forgery SSRF CVSS vector v.3.1: 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS vector v.4.0: 8.7 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Description: SSRF occurs when a processed HTML document is read and...
CVE-2025-6233
Mattermost versions 10.8.x = 10.8.1, 10.7.x = 10.7.3, 10.5.x = 10.5.7, 9.11.x = 9.11.16 fail to sanitize input paths of file attachments in the bulk import JSONL file, which allows a system admin to read arbitrary system files via path traversal...
CVE-2025-6233
CVE-2025-6233 affects Mattermost Server versions 10.8.x up to 10.8.1, 10.7.x up to 10.7.3, 10.5.x up to 10.5.7, and 9.11.x up to 9.11.16. It arises from failing to sanitize input paths of file attachments in the bulk import JSONL file, enabling a system administrator to read arbitrary system file...
SAP NetWeaver Visual Composer Directory Traversal Vulnerability
SAP NetWeaver Visual Composer is a graphical modeling environment in the SAP NetWeaver platform for rapid development and deployment of composite applications. A directory traversal vulnerability exists in SAP NetWeaver Visual Composer, which stems from insufficient input path validation, and can...
CVE-2020-21525
Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it...
CVE-2020-21526
An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it...
CVE-2019-5608
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented acro...
Incorrect Authorization
Overview github.com/open-policy-agent/opa/server is an open source, general-purpose policy engine that enables unified, context-aware policy enforcement across the entire stack. Affected versions of this package are vulnerable to Incorrect Authorization via the HTTP Data API. An attacker can...
ROS-20250403-09
Apache Tomcat application server vulnerability is related to accepting input path data as an internal point without verification. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information and execute arbitrary code. unauthorized access to...
CVE-2024-43878 xfrm: Fix input error path memory access
In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slow path KASAN report error. Fix this error. west login: 52.987278 eth1: renamed from veth11 53.078814 eth1: renamed from veth21 53.181355...
GHSA-PWC9-Q4HJ-PG8G LoLLMS Command Injection vulnerability
A vulnerability in the parisneo/lollms, specifically in the /unInstallbinding endpoint, allows for arbitrary code execution due to insufficient sanitization of user input. The issue arises from the lack of path sanitization when handling the name parameter in the unInstallbinding function, allowi...
CVE-2020-21525
Halo V1.1.3 is affected by: Arbitrary File reading. In an interface that reads files in halo v1.1.3, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it...
CVE-2019-5608
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented acro...
Tilde CMS class.SystemAction.php file SQL injection vulnerability
Tilde CMS is a web content management system CMS. A SQL injection vulnerability exists in the class.SystemAction.php file in Tilde CMS version 1.0.1. A remote attacker can exploit this vulnerability by sending a POST request to /actionphp/action.input.php with the 'id' parameter to execute...