70 matches found
CVE-2026-50510
Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...
GitHub Copilot Remote Code Execution Vulnerability
Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally...
EUVD-2026-39549
Certificates with wildcard DNS SANs e.g. .example.com bypassed CA name-constraint checks. A certificate with a wildcard DNS SAN that should be rejected by the issuing CA's permitted/excluded DNS name constraints could be accepted...
ROS-20260430-73-0004
Vulnerability in buildkit related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
Erlang/OTP 安全漏洞
Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by Node.js’s built-in APIs. Versions 17.0 to 28.4.1, 27.3.4.9, and 26.2.5.18 of Erlang/OTP contain security vulnerabilities due to improper path name restrictions, which may lead to...
CVE-2026-25177
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...
CVE-2026-25177
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network...
Hexpm 安全漏洞
Hexpm is a web page and interface developed by Hex. Hexpm has a security vulnerability, which stems from improper path name restrictions, potentially leading to relative path traversal...
WordPress plugin User Extra Fields 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...
WordPress plugin User Extra Fields 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions of...
WordPress plugin Anona: Path traversal vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
EUVD-2003-1583
Malware in sbrugna...
The vulnerability of the WinRAR file archiver, related to incorrect restrictions on the path name of the restricted directory, allows a hacker to execute arbitrary code.
The vulnerability of the WinRAR file archiver is related to incorrect restrictions on the path name of the restricted directory. Exploiting this vulnerability allows an attacker to execute arbitrary code during the extraction of a specially crafted file...
The vulnerability of operating systems iOS, iPadOS, and macOS arises from incorrect restrictions on path names in restricted access directories, allowing attackers to gain unauthorized access to confidential data.
The vulnerability of iOS, iPadOS, and macOS operating systems is related to incorrect restrictions on path names in restricted access directories. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data...
The vulnerability of the software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak System allows a perpetrator to expose protected information.
The vulnerability of software for deploying and maintaining enterprise-level cloud systems based on IBM Cloud Pak Systems is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected...
The vulnerability of the Microsoft OneNote note-taking software for the Mac OS allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft OneNote software for the Mac OS relates to incorrect restrictions on file names and other resources. Exploiting this vulnerability could allow a perpetrator to execute arbitrary code...
The vulnerability of the Microsoft Office software package and the Microsoft Outlook email client arises from incorrect restrictions on file names and other resources, allowing an attacker to execute arbitrary code.
The vulnerability of the Microsoft Office software and the Microsoft Outlook email client is related to incorrect restrictions on file names and other resources. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.
The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...
The vulnerability of Fortinet’s software products arises from incorrect restrictions on path names in restricted access catalogs, allowing attackers to escalate their privileges.
The vulnerability of Fortinet’s software products is related to incorrect restrictions on path names in the restricted access catalog. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created packages...
The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...