47 matches found
CVE-2026-57871
CVE-2026-57871 describes a relative path traversal vulnerability in MicroRealEstate’s file upload functionality that could potentially overwrite system files. Affected software: MicroRealEstate up to version 1.0.0-alpha3 . Root cause: relative path traversal in the file upload process. Impact: po...
CVE-2026-57871
Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-28269 Kiteworks Core has an OS Command Injection
Kiteworks is a private data network PDN. Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access...
CVE-2026-25701
An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: gain access to possible private information found in /var/lib/pcrlock.d manipulate the data backed up in /tmp/pcrlock.d.bak, therefore violating the...
CVE-2025-69981
FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the /api/upload API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files such as the SQLite user...
GHSA-7G56-FWXJ-CM23 FUXA contains an Unrestricted File Upload vulnerability
FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the /api/upload API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files such as the SQLite user...
PT-2026-6387
FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the /api/upload API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files such as the SQLite user...
FUXA 安全漏洞
FUXA is a web-based process visualization software developed by frangoteam. Version 1.2.7 of FUXA contains a security vulnerability. This vulnerability stems from the lack of an authentication mechanism for the/api/upload API endpoints. This allows unauthorized remote attackers to upload arbitrar...
CVE-2025-9056
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
EUVD-2025-202391
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
CVE-2025-9056
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
CVE-2025-9056
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
CVE-2025-9056
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
CVE-2025-9056
CVE-2025-9056 describes an unprotected service in the AudioLink component that allows a local attacker to overwrite system files via unauthorized service invocation. The issue is documented across multiple feeds (NVD, Red Hat, EUVD, CIRCL, CNNVD, etc.) with consistent description. Affected compon...
Tecno AudioLink 安全漏洞
Tecno AudioLink is an audio linking software in cell phones from the Chinese company Tecno. A security vulnerability exists in Tecno AudioLink, which stems from insufficient protection of the AudioLink component service and could allow a local attacker to overwrite system files...
PT-2025-50303
Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation...
CVE-2025-42937
SAP Print Service SAPSprint performs insufficient validation of path information provided by users. An unauthenticated attacker could traverse to the parent directory and over-write system files causing high impact on confidentiality integrity and availability of the application...
EUVD-2018-0945
Malware in sbrugna...
EUVD-2018-0946
Malware in sbrugna...
EUVD-2025-5302
Malicious code in bioql PyPI...