PT-2026-39837

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the podcast creation endpoint at server/controllers/PodcastController.js accepts a user-controlled file path without sufficient boundary validation to ensure it remains within the intended library directory. This...

UBUNTU-CVE-2025-4090

A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox 138 and Thunderbird 138...

The vulnerability of the application development environment for ISaGRAF programmable logic controllers arises from the use of an unreliable search path during the loading of dynamic libraries. This allows a hacker to execute arbitrary code.

The vulnerability in the application development environment for ISaGRAF Runtime Rockwell Automation relates to the use of an unreliable search path during the loading of dynamic libraries. Exploiting this vulnerability allows a local attacker to execute arbitrary code...

CVE-2021-43676

matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php...

CVE-2020-36169

An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under the...

CVE-2020-36163

An issue was discovered in Veritas NetBackup and OpsCenter through 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under...

The vulnerability of the Vijeo Designer Basic and Vijeo Designer software lies in errors during the validation of the paths for loading dynamic libraries. This allows a hacker to execute arbitrary code.

The vulnerability of the Vijeo Designer Basic and Vijeo Designer software lies in errors during the validation of the paths for loading dynamic libraries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2019-1636

A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit...

xmlsec1 security and bug fix update

1.2.9-8.1.2 - disable xslt i/o support in library, tools and examples, CVE-2011-1425 - Resolves: rhbz694124 - limit the paths used for searching the security library loaded dynamically...

Mandriva Update for mozilla-firefox MDKSA-2007:050-1 (mozilla-firefox)

Check for the Version of mozilla-firefox OpenVAS Vulnerability Test Mandriva Update for mozilla-firefox MDKSA-2007:050-1 mozilla-firefox Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribut...

Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:050-1)

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10. This update provides the latest Firefox to correct these issues. Update : A regression was found in the latest Firefox packages provided where changes to library paths...