EUVD-2026-27752

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

CVE-2026-24419

OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the Prima Nota Journal Entry module's add.php file. The application fails to validate that comma-separated...

EUVD-2026-4873

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to versions 5.4.51, 6.4.33, 7.3.11, 7.4.5, and 8.0.5, the Symfony Process component did not correctly treat some characters notably = as “special” when escaping arguments on Windows. When PHP i...

The vulnerability of ZIP files stored in the Apache Solr search server allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of ZIP files processed by the Apache Solr search server is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

The vulnerability of the gifinto library utility for working with GIF files, GIFLIB, allows a hacker to execute arbitrary code.

The vulnerability of the gifinto library, which is used for working with GIF files, relates to errors in processing the relative path to the directory. Exploiting this vulnerability allows an attacker to execute arbitrary code by writing a specially crafted GIF file to any directory...

The vulnerability of the client for remote desktop clients on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Remote Desktop Client for Windows operating systems in handling relative pathnames to directories involves errors in processing those paths. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the ABB VPNI function in the S+ Control API of the software for management and monitoring of ABB Symphony Plus S+ Operations, S+ Engineering, and S+ Analyst allows a perpetrator to trigger a service failure.

The vulnerability of the ABB VPNI function in the S+ Control API of the ABB Symphony Plus S+ Operations, S+ Engineering, and S+ Analyst software for management and monitoring systems is related to errors in processing relative paths. Exploiting this vulnerability can allow attackers to cause...

DEBIAN-CVE-2024-53093

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scanwork context. If a path error occurs here, the IO will wait until a path becomes available or all paths are...

CVE-2024-53093 nvme-multipath: defer partition scanning

In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scanwork context. If a path error occurs here, the IO will wait until a path becomes available or all paths are...

The vulnerability of the Fortinet FortiClient protection mechanism, related to errors in processing relative paths, allows attackers to load arbitrary files into the system.

The vulnerability of the Fortinet FortiClient security device is related to errors in processing relative paths. Exploiting this vulnerability can allow attackers to load arbitrary files into the system...

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

The vulnerability of the interpreter for Ghostscript software, which handles the processing, conversion, and generation of documents, is related to errors in processing the relative path to the directory. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the interpreter used in software for processing, transforming, and generating Ghostscript documents is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafte...

The vulnerabilities of the Handler for User Photo Upload Command and the Handler for Picture Upload Command in the microprogrammable biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME allow a perpetrator to gain unauthorized access, enabling them to read, modify, or delete data.

The vulnerability of the Handler for User Photo Upload Command and Handler for Picture Upload Command components of the microprogrammed software for biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME is related to errors in processing the relative path to the catalog...

The vulnerability in the embedded Jetty server of the CData Connect integration, analysis, and data management platform allows attackers to escalate their privileges.

The vulnerability of the embedded Jetty server in the CData Connect integration, analysis, and data management platform is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow a malicious actor to increase their privileges by sending specially...

The vulnerability in the embedded Jetty server of the CData Sync integration and replication tool allows a perpetrator to gain unauthorized access to protected information and perform arbitrary actions within the system.

The vulnerability in the embedded Jetty server of the CData Sync integration and replication tool is related to errors in processing the relative path to the directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, related to errors in processing the relative path to the directory, allows a hacker to extract data from JAR archives.

The vulnerability of the Continuous Integration and Application Delivery system CI/CD of TeamCity in JetBrains is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a malicious actor to remotely read data from JAR archives...

The vulnerability of the Archive Extraction Handler component of the IntelliJ IDEA software development environment installer allows a hacker to exploit it to disclose protected information.

The vulnerability of the Archive Extraction Handler component in the IntelliJ IDEA integrated development environment is related to errors in processing the relative path to the directory. Exploiting this vulnerability may allow a remote attacker to execute arbitrary code...

The vulnerability of Websoft HCM’s automation software for HR processes stems from name management or file path handling errors, allowing attackers to gain access to the file system.

The vulnerability of Websoft HCM’s automation software for HR processes is related to name management or file path handling errors. Exploiting this vulnerability can allow an attacker to gain read access to the file system remotely...

The vulnerability of the SFTP Secure File Transfer Protocol implementation in the BioTime time management web platform allows a violator to write arbitrary files.

The vulnerability of the SFTP Secure File Transfer Protocol implementation in the BioTime time-off management web platform is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

The vulnerability of the software interface for centralized device management in Fortinet FortiManager and FortiAnalyzer allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the software interface for centralized device management in Fortinet’s FortiManager and FortiAnalyzer devices is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...