CVE-2026-7235

A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...

CVE-2026-7235 ErlichLiu claude-agent-sdk-master route.ts path traversal

A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...

CVE-2026-7235 ErlichLiu claude-agent-sdk-master route.ts path traversal

A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...

SUSE CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

promise-probe OS command injection vulnerability

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

Artifex Ghostscript Type Confusion Vulnerability

Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile...

Zoho ManageEngine ServiceDesk Plus 9.4 User Enumeration

Exploit Title: Zoho ManageEngine ServiceDesk Plus MSP - Active Directory User Enumeration CVE-2021-31159 Date: 17/06/2021 Exploit Author: Ricardo Ruiz @ricardojoserf CVE: CVE-2021-31159 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31159 Vendor Homepage: https://www.manageengine.com...

CVE-2019-10791

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

CVE-2019-10791

promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization...

CVE-2018-19015

An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor Versions 3.42 and prior through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application...

Artifex Ghostscript Remote Command Execution Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. Artifex Ghostscrip...

VulnCheck KEV: CVE-2017-8291

Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile...

(0Day) Borland AccuRev Reprise License Server diagnostics_doit Command outputfile Parameter File Overwrite Denial of Service Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the diagonosticdoit command of the AccuRev Reprise License Manager service. The iss...

CVE-2012-4875

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and...

PT-2012-5627 · Artifex · Ghostscript

Name of the Vulnerable Software and Affected Versions: Ghostscript version 9.04 Description: The issue is related to a heap-based buffer overflow in the gdevwpr2.c file of Ghostscript, specifically when processing the OutputFile device parameter. This allows user-assisted remote attackers to...