EUVD-2026-32258

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

GHSA-G9CW-QWHF-24JP free5gc UDR improper path validation allows unauthenticated deletion of Traffic Influence Subscriptions

Summary An improper path validation vulnerability in the UDR service allows any unauthenticated attacker with access to the 5G Service Based Interface SBI to delete Traffic Influence Subscriptions by supplying an arbitrary value in place of the expected subs-to-notify path segment. Details The...

PT-2026-32973

Name of the Vulnerable Software and Affected Versions free5GC versions 1.4.2 and earlier Description An improper path validation issue exists in the UDR service. An unauthenticated attacker with access to the 5G Service Based Interface can delete arbitrary Traffic Influence Subscriptions by...

PT-2026-32974

Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description An improper path validation issue exists in the UDR service. The endpoint 'GET /nudr-dr/v2/application-data/influenceData/influenceId/subscriptionId' is designed to operate only when the influence...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing fields after memory is released on an incorrect path, potentially leading to reuse of...

RiteCMS Improper Access Control Vulnerability

RiteCMS is an open source content management system based on php and sqlite. RiteCMS suffers from an improper access control vulnerability that stems from a lack of validity checking of paths in the /templates/ component when processing directory requests, which can be exploited by an attacker to...

CVE-2025-65713

Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability...

Path Traversal

db-gpt is vulnerable to Path Traversal. The vulnerability is due to improper validation of uploaded file paths in the /v1/personal/agent/upload endpoint, which allows an attacker to write arbitrary files to sensitive locations and execute malicious code...

EUVD-2025-24827

Malicious code in bioql PyPI...

EUVD-2022-44895

Malicious code in bioql PyPI...

EUVD-2022-55275

Malicious code in bioql PyPI...

CVE-2025-7971

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

CVE-2025-7971

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

CVE-2025-7971 Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

CVE-2025-7971 Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability

A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash...

DEBIAN-CVE-2022-49996

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix possible memory leak in btrfsgetdevargsfrompath In btrfsgetdevargsfrompath, btrfsgetbdevandsb can fail if the path is invalid. In this case, btrfsgetdevargsfrompath returns directly without freeing args-uuid and...

CVE-2022-49996 btrfs: fix possible memory leak in btrfs_get_dev_args_from_path()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix possible memory leak in btrfsgetdevargsfrompath In btrfsgetdevargsfrompath, btrfsgetbdevandsb can fail if the path is invalid. In this case, btrfsgetdevargsfrompath returns directly without freeing args-uuid and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the btrfsgetdevargsfrompath function not freeing memory when the path is invalid, which could lead to a memory...

CVE-2020-13227

An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username under which the web server is running by triggering an invalid path permission error. This bypasses the fakepath protection mechanism...

Linux Distros Unpatched Vulnerability : CVE-2018-12536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynami...