Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 6 days ago4 views

GHSA-HWC4-GMRW-5222 Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename

Summary filepath.Base on the Linux container does not strip backslashes , because \ is only a path separator on Windows. A multipart filename like ........\Windows\System32\evil.pdf survives Gotenberg's input sanitisation and lands verbatim as the zip entry name when a multi-output route...

8.8CVSS5.8AI score
Exploits0References3
Github Security Blog
Github Security Blogadded 6 days ago6 views

Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename

Summary filepath.Base on the Linux container does not strip backslashes , because \ is only a path separator on Windows. A multipart filename like ........\Windows\System32\evil.pdf survives Gotenberg's input sanitisation and lands verbatim as the zip entry name when a multi-output route...

5.8AI score
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2026/03/02 12:0 a.m.1 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from logical errors in several functions. These vulnerabilities could allow for the execution of arbitrary code and the escalation of local...

8.4CVSS6.4AI score0.00012EPSS
Exploits0References8
OpenVAS
OpenVASadded 2023/03/08 12:0 a.m.24 views

Debian: Security Advisory (DLA-325-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.9AI score0.00747EPSS
Exploits1References2
OpenVAS
OpenVASadded 2023/03/08 12:0 a.m.23 views

Debian: Security Advisory (DLA-412-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS6.9AI score0.00453EPSS
Exploits4References2
OpenVAS
OpenVASadded 2023/03/08 12:0 a.m.7 views

Debian: Security Advisory (DLA-1434-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Debian
Debianadded 2018/07/20 2:47 a.m.21 views

[SECURITY] [DLA 1434-1] linux-base update

Package : linux-base Version : 4.5deb8u1 Debian Bug : 702482 761614 The linux-base package has been updated to support the package of Linux 4.9 that was recently added to Debian 8. This resolves a dependency that was not satisfiable by the jessie and jessie-security suites. This update also fixes...

5.7AI score
Exploits0
OpenVAS
OpenVASadded 2014/05/13 12:0 a.m.40 views

Debian: Security Advisory (DSA-2928-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS7.4AI score0.49911EPSS
Exploits7References5
Rows per page
Query Builder