
7 matches found

CNNVD
added 2026/06/11 12:0 a.m. | 16 views

Keras path traversal vulnerability

Keras is an open-source deep learning framework developed by Keras. Versions of Keras prior to 3.14.0 contained a path traversal vulnerability. This vulnerability stemmed from a path traversal issue in the archive extraction tool. The functions filter_safe_tarinfos and filter_safe_zipinfos used to...

CVSS 8.1 | AI score 7.8 | EPSS 0.0045
Exploits 0 | References 1
OSV
added 2026/01/20 5:21 p.m. | 5 views

GHSA-2657-3C98-63JQ esm.sh has a path traversal in extractPackageTarball enables file writes from malicious packages

Summary: The commit does not actually fix the path traversal bug. path.Clean basically normalizes a path but does not prevent absolute paths in a malicious tar file. PoC: This test file can demonstrate the basic idea pretty easily: go package server import "archive/tar" "bytes" "compress/gzip"...

CVSS 8.7 | AI score 6.2 | EPSS 0.00476
Exploits 1 | References 7
Github Security Blog
added 2026/01/02 3:11 p.m. | 5 views

Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)

Summary: An unauthenticated attacker can pollute the internal state restoreFilePath of the server via the /skServer/validateBackup endpoint. This allows the attacker to hijack the administrator's "Restore" functionality to overwrite critical server configuration files e.g., security.json,...

CVSS 9.6 | AI score 9 | EPSS 0.17934
Exploits 3 | References 5 | Affected Software 1
Cvelist
added 2026/01/01 6:0 p.m. | 22 views

CVE-2025-66398 Signal K Server has Unauthenticated State Pollution leading to Remote Code Execution (RCE)

Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.19.0, an unauthenticated attacker can pollute the internal state restoreFilePath of the server via the /skServer/validateBackup endpoint. This allows the attacker to hijack the administrator's "Restor...

CVSS 9.6 | EPSS 0.17934
Exploits 3 | References 2
OSV
added 2024/11/08 3:15 a.m. | 3 views

CVE-2024-45759

Dell PowerProtect Data Domain, versions prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50, contains an escalation of privilege vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to unauthorized execution of certain commands to overwrite system...

CVSS 7.3 | AI score 5.9 | EPSS 0.00142
Exploits 0 | References 1
CNNVD
added 2024/06/27 12:0 a.m. | 2 views

lollms path traversal vulnerability

LoLLMs is a Web UI for a large language multimodal system by Saifeddine ALOUI Personal Developer. A path traversal vulnerability exists in lollms version 9.4.0, which stems from a path traversal vulnerability in the etpersonalityconfig endpoint that can be exploited by an attacker to overwrite th...

CVSS 7.4 | AI score 6.7 | EPSS 0.00444
Exploits 0 | References 3
BDU FSTEC
added 2022/11/21 12:0 a.m. | 4 views

The vulnerability in the overwrite.config.php implementation: The $domain parameter of the web application for data synchronization with ownCloud allows attackers to perform spoofing attacks.

The vulnerability of the overwrite.config.php script, where $domain is used for the web application’s data synchronization with ownCloud, is related to configuration errors when processing the OWNCLOUDDOMAIN variable. Exploiting this vulnerability allows a malicious actor to perform spear-phishin...

CVSS 5.3 | AI score 5.9 | EPSS 0.00323
Exploits 0 | References 9 | Affected Software 1