Deep Scan: Expanding Vulnerability Detection Beyond Traditional Boundaries
Security teams estimate that a significant percentage of enterprise software is installed outside standard system directories or package-managed locations, creating persistent visibility gaps for traditional vulnerability-scanning methods. As environments become more decentralized, with...
LoLLMs Cross-Site Request Forgery Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A cross-site request forgery vulnerability exists in LoLLMs version 9.6 that stems from a lax CORS policy. An attacker could use this vulnerability to read arbitrary files on the system and wri...
USN-3579-3: LibreOffice regression
USN-3579-1 fixed a vulnerability in LibreOffice. After upgrading, it was no longer possible for LibreOffice to open documents from certain locations outside of the user's home directory. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovere...
AceFTP 3.80.3 - 'LIST' Directory Traversal
source: https://www.securityfocus.com/bid/29989/info AceFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write arbitrary files to locations outside of the application's curre...
AceFTP 3.80.3 - LIST Directory Traversal
source: https://www.securityfocus.com/bid/29989/info AceFTP is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write arbitrary files to...