43 matches found
ROS-20260608-73-0013
The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
ROS-20260526-73-0022
Vulnerability in poetry related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...
ROS-20260508-73-0005
Vulnerability in rubygem-activestorage related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260420-73-0043
Vulnerability in incus related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260310-73-0035
Vulnerability in python-wheel related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
Advisory ROSA-SA-2026-3204
Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 unaffected versions = vim-8.0.1763-21.0.1.rv3 affected versions vim-8.0.1763-21.0.0.1.rv3 CVE-ID: CVE-2025-53905 BDU-ID: 2025-11730 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the vim text editor is related to an incorrect restriction of the...
Advisory ROSA-SA-2026-3140
Software: git 2.43.5 OS: ROSA Virtualization 3.0 unaffected versions = git-2.43.5-3.rv30 affected versions git-2.43.5-3.rv30 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...
Advisory ROSA-SA-2026-3135
Software: git 2.43.5 OS: ROSA Virtualization 2.1 unaffected versions = git-2.43.5-3.rv3 affected versions git-2.43.5-3.rv3 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path na...
ROS-20260129-73-0058
Vulnerability in mariadb11.8 related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
A vulnerability in the web interface of the firmware for Infinera G42 digital optical network systems allows an intruder to gain unauthorized access to protected information.
The vulnerability in the web interface of the firmware for Infinera G42 digital optical network systems is related to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...
The vulnerability of the CLI component of the Brocade Fabric OS operating system allows a hacker to disclose protected information.
The vulnerability of the CLI component of the Brocade Fabric OS operating system is related to an incorrect limitation on the path name to the restricted-access directory. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
A vulnerability in the firmware of Siemens Scalance LPE9403 industrial switches, related to an incorrect limitation of a path name to a restricted directory, allows attackers to read and write arbitrary files.
The vulnerability in the firmware of Siemens Scalance LPE9403 industrial switches is related to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability allows a malicious actor to read and write arbitrary files remotely...
A vulnerability in Ollama, a system for running and managing large language models, related to an improper restriction of a path name to a restricted directory, allows an attacker to cause a denial of service.
The vulnerability in the Ollama system for running and managing large language models is related to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability could allow a malicious actor to cause a denial of service...
A vulnerability in the network interface of the Ivanti Cloud Services Appliance, related to an incorrect restriction of a path name to a restricted directory, allows attackers to escalate their privileges.
The vulnerability in the Ivanti Cloud Services Appliance is related to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability can allow a malicious actor to escalate their privileges remotely...
ROS-20240927-06
A vulnerability in the VideoBridge component of the Mozilla Firefox and Firefox ESR browsers and the Thunderbird email client is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
The vulnerability of the Project File Handler component in the configuration and programming environment of EcoStruxure Foxboro SCADA Fox RTU Station allows a perpetrator to execute arbitrary code.
The vulnerability of the Project File Handler component in the configuration and programming environment of EcoStruxure Foxboro SCADA Fox RTU Station is related to an incorrect limitation of a path name to a restricted directory. Exploiting this vulnerability could allow an attacker to...
A vulnerability in the MileSight DeviceHub deployment platform, caused by an incorrect limitation of a path name to a restricted directory, allows an attacker to execute arbitrary code.
The vulnerability in the MileSight DeviceHub deployment platform exists due to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
A vulnerability in the AutomationDirect C-MORE EA9 HMI software, related to an incorrect restriction of a path name to a restricted directory, allows an intruder to cause a denial of service.
The vulnerability in the control panel firmware of AutomationDirect C-MORE EA9 HMI is related to an incorrect restriction of a path name to a restricted directory. Exploiting this vulnerability could allow an attacker to cause a denial of service...
A vulnerability in the firmware of Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, and MD551C8 displays is due to an incorrect restriction of a path name to a restricted directory. This allows an attacker to execute arbitrary code.
A vulnerability in the firmware of Sharp, NEC’s P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, and MD551C8 displays is due to an incorrect...
A vulnerability in the NEXO-OS operating system of the Bosch Nexo cordless nutrunner and Bosch Nexo special cordless nutrunner tools for assembly work in production lines allows an intruder to gain access to and read arbitrary files.
The vulnerability in the NEXO-OS operating system for tools used in production line assembly work, such as the Bosch Nexo cordless nutrunner and the Bosch Nexo special cordless nutrunner, is related to an incorrect limitation of a path name to a restricted directory. Exploiting this...