6 matches found
GHSA-FJM6-8XP2-4FWC Boltz contains an insecure deserialization vulnerability in its molecule loading functionality
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule loading functionality. The application uses Python pickle to deserialize molecule data files without validation. An attacker with the ability to place a malicious pickle file in a directory processed by boltz can achie...
CVE-2025-8023
Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.9.x = 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file...
CVE-2025-8023
Mattermost server versions 9.11.x <= 9.11.17, 10.5.x <= 10.5.8, 10.8.x <= 10.8.3, 10.9.x
dotnet: .NET Remote Code Vulnerability
A remote code execution vulnerability in .NET 8.0 and 9.0. An attacker who can place malicious files in specific locations may trigger unintended code execution when the .NET runtime loads these files...
LiteManager 4.5.0 - Insecure File Permissions Exploit
Exploit Title: LiteManager 4.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-21 Vendor Homepage : LiteManager Team Software Link: http://html.tucows.com/preview/1594042/LiteManager-Free?q=remote+support Tested on OS: Windows 7 Proof of Concept PoC:...
CVE-2019-9491
Trend Micro Anti-Threat Toolkit ATTK versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution RCE when executed...