PT-2026-39629

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. check access permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own...

Electerm Security Vulnerability: RCE via malicious SSH server filename in openFileWithEditor

Impact A code execution RCE vulnerability exists in electerm's SFTP open with system editor or "Edit with custom editor" feature. When a user opts to edit a file using open with system editor or open with a custom editor, the filename is passed directly into a command line without sanitization. A...

CVE-2026-43943 electerm: RCE via malicious SSH server filename in openFileWithEditor

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.9, a code execution RCE vulnerability exists in electerm's SFTP open with system editor or "Edit with custom editor" feature. When a user opts to edit a file using open with system edito...

CVE-2023-53167

CVE-2023-53167: In the Linux kernel, tracing_err_log_open() can dereference file->private_data if opened with write permissions and then lseek is used, causing a kernel panic via mutex_lock -> seq_lseek. A fix was applied to tracing: Fix null pointer dereference in tracing_err_log_open() fo...

June 25, 2024—KB5039299 (OS Build 19045.4598) Preview

June 25, 2024—KB5039299 OS Build 19045.4598 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

Security update for xawtv (moderate)

openSUSE Security Update: Security update for xawtv Announcement ID: openSUSE-SU-2020:0787-1 Rating: moderate References: 1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

Microsoft Windows: Turn off access to the Store

This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association. When a user opens a file type or protocol that is not associated with any applications on the computer, the user is given the choice to...

Firefox 3.5.3 - Local Download Manager Temp File Creation

No description provided by source. / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the Open with option, Firefox will create a...

Firefox 3.5.3 local download manager temp file creation

Exploit for unknown platform in category local exploits ======================================================= Firefox 3.5.3 local download manager temp file creation ======================================================= Title: Firefox 3.5.3 local download manager temp file creation CVE-ID:...

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation

/ getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with" option, Firefox will create a temporary file in the form of RANDOM.pa...

Firefox 3.5.3 local download manager temp file creation

No description provided by source. / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with" option, Firefox will create a...

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation

Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation / getunique.c AKA Mozilla Firefox 3.5.3 Local Download Manager Exploit Jeremy Brown [email protected] // jbrownsec.blogspot.com // krakowlabs.com 10.28.2009 When downloading files through Firefox and choosing the "Open with"...