CVE-2021-47731 Selea Targa IP Camera Developer Backdoor Configuration Overwrite

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows unauthorized configuration access through an undocumented page. Attackers can exploit the hidden endpoint by using the hard-coded password 'Selea781830' to enable configuration upload and overwrite...

CVE-2025-67488 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

CVE-2025-67488 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

CVE-2025-67488

SiYuan (self-hosted open source PIM) is affected by a ZipSlip vulnerability in the importZipMd function. The authenticated user with access to the import functionality can overwrite arbitrary files on the system, potentially escalating to remote code execution in some scenarios (e.g., via Docker ...

CVE-2025-67488 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

CVE-2025-66626 argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Versions 3.6.13 and below and versions 3.7.0 through 3.7.4, contain unsafe untar code that handles symbolic links in archives. Concretely, the computation of a link's target and the...

SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin

Summary Siyuan is vulnerable to RCE. The issue stems from a "Zip Slip" vulnerability during zip file extraction, combined with the ability to overwrite system executables and subsequently trigger their execution. Steps to reproduce 1. Authenticate 2. Create zip slip payload with path traversal...

EUVD-2025-202175

SiYuan: ZipSlip - Arbitrary File Overwrite - RCE...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the importZipMd function. authenticated user with access to the import functionality can overwrite arbitrary files on the system by importing a specially crafted ZIP archive containing directory traversal...

SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

Summary Function importZipMd is vulnerable to ZipSlip which allows an authenticated user to overwrite files on the system. Details An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, the vulnerable function is importZipMd, this can...

GHSA-GQFV-G4V7-M366 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE

Summary Function importZipMd is vulnerable to ZipSlip which allows an authenticated user to overwrite files on the system. Details An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, the vulnerable function is importZipMd, this can...

GHSA-XRQC-7XGX-C9VH RCE via ZipSlip and symbolic links in argoproj/argo-workflows

Summary The patch deployed against CVE-2025-62156 is ineffective against malicious archives containing symbolic links. Details The untar code that handles symbolic links in archives is unsafe. Concretely, the computation of the link's target and the subsequent check are flawed:...

RCE via ZipSlip and symbolic links in argoproj/argo-workflows

Summary The patch deployed against CVE-2025-62156 is ineffective against malicious archives containing symbolic links. Details The untar code that handles symbolic links in archives is unsafe. Concretely, the computation of the link's target and the subsequent check are flawed:...

CVE-2025-14307

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

UBUNTU-CVE-2025-14307

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

Insecure Temporary File

Overview net.sf.robocode:robocode.battle is a Build the best - destroy the rest! Affected versions of this package are vulnerable to Insecure Temporary File via the createTempFile function. An attacker can execute arbitrary code or overwrite critical files by manipulating the temporary file...

CVE-2025-14307

Robocode 1.9.3.6 AutoExtract has an insecure temporary file creation vulnerability in createTempFile that can allow race-condition exploitation to potentially execute arbitrary code or overwrite files. The issue arises from insecure handling of temporary files, as described across multiple source...

PT-2025-50252

Name of the Vulnerable Software and Affected Versions SiYuan versions 0.0.0 through 20251202123337-6ef83b42c7ce Description SiYuan is a self-hosted, open source personal knowledge management software. Versions 0.0.0 through 20251202123337-6ef83b42c7ce contain a flaw in the importZipMd function th...

PT-2025-50230

Name of the Vulnerable Software and Affected Versions Argo Workflows versions 3.6.13 and below Argo Workflows versions 3.7.0 through 3.7.4 Description Argo Workflows, a container-native workflow engine for Kubernetes, has an issue with unsafe untar code that improperly handles symbolic links with...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the Attachment service when processing uploaded file names. A user can overwrite files on the server by submitting specially crafted file paths. Details A Directory Traversal attack also known as path traversal ai...