CVE-2026-49135
CVE-2026-49135 affects CodexBar up to version 0.31.x (before 0.32.0). The issue is insecure temporary file handling in the notarization workflow, enabling a local attacker with access to the same host to read the App Store Connect API key written to a fixed path, pre-create files or symlinks to r...
CVE-2020-37160
SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative user and gain...
CVE-2026-0383
A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...
CVE-2026-0383
CVE-2026-0383: A vulnerability in Brocade Fabric OS allows an authenticated, local attacker with privileges to access the Bash shell and read insecurely stored files, including command history. Affected releases include Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a, and 10.0.0. Remediation/m...
EUVD-2014-2423
Malware in sbrugna...
EUVD-2003-0202
Malware in sbrugna...
EUVD-2005-2102
Malware in sbrugna...
EUVD-2016-8343
Malware in sbrugna...
EUVD-2004-0231
Malware in sbrugna...
EUVD-2003-0877
Malware in sbrugna...
EUVD-2001-0477
Malware in sbrugna...
EUVD-2013-0216
Malware in sbrugna...
EUVD-2005-3339
Malware in sbrugna...
EUVD-2021-29043
Malicious code in bioql PyPI...
EUVD-2022-43301
Malicious code in bioql PyPI...
GHSA-JJ2R-455P-5GVF filebrowser Sets Insecure File Permissions
Summary: The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers where the umask configuration has not been hardened before, this makes all the stated fil...
CVE-2022-4641
A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to an insecure temporary file. The attack needs to be approached locally. T...
CVE-2015-9340
The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files...
IBM Cognos Controller File Upload Vulnerability
IBM Cognos Controller is a suite of business intelligence and planning solutions from International Business Machines (IBM). The product features process automation, financial audit control, and the creation and management of financial reports. A file upload vulnerability exists in IBM Cognos...
CVE-2024-45676
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user to upload insecure files, due to insufficient file type distinction...