14 matches found
EUVD-2023-28012
Malicious code in bioql PyPI...
CVE-2025-33035
A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...
CVE-2025-47788
Affected software: Atheos self-hosted browser-based IDE. Vulnerability: Prior to v602, the $target parameter in /controller.php was not properly validated, enabling path traversal to read/execute arbitrary files on the server. Root cause: insufficient input validation in the target parameter hand...
Fedora 41 : php-tcpdf (2025-85549e07c8)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-85549e07c8 advisory. Version 6.9.1 2025-04-03 - Fixed Path Traversal security vulnerability reported by Positive Technologies. ---- Version 6.9.0 2025-03-30 - Added PHP 8.4...
Important: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Security update for dcmtk (moderate)
openSUSE Security Update: Security update for dcmtk Announcement ID: openSUSE-SU-2023:0108-1 Rating: moderate References: 1206070 1208637 1208638 1208639 Cross-References: CVE-2022-2119 CVE-2022-2120 CVE-2022-2121 CVE-2022-43272 CVSS scores: CVE-2022-2119 NVD : 9.8...
SUSE-SU-2023:0733-1 Security update for go1.19
This update for go1.19 fixes the following issues: - CVE-2022-41722: Fixed path traversal in filepath.Clean on Windows bsc1208269. - CVE-2022-41723: Fixed quadratic complexity in HPACK decoding bsc1208270. - CVE-2022-41724: Fixed panic with large handshake records in crypto/tls bsc1208271. -...
SUSE-SU-2022:2046-1 Security update for rubygem-sinatra
This update for rubygem-sinatra fixes the following issues: - CVE-2022-29970: Fixed possible path traversal outside of public_dir when serving static files bsc1199138...
OPENSUSE-SU-2022:0140-1 Security update for grafana
This update for grafana fixes the following issues: - CVE-2021-39226: Fixed snapshot authentication bypass bsc1191454 - CVE-2021-43813: Fixed markdown path traversal bsc1193688...
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust join method without checking user input might have made it able to do a Path Traversal attack causing to read more...
OPENSUSE-SU-2020:1674-1 Security update for icingaweb2
This update for icingaweb2 fixes the following issues: - icingaweb2 was updated to 2.7.4 CVE-2020-24368: Fixed a path Traversal which could have allowed an attacker to access arbitrary files which are readable by the process running boo1175530...
OPENSUSE-SU-2019:2347-1 Security update for lighttpd
This update for lighttpd to version 1.4.54 fixes the following issues: Security issues fixed: - CVE-2018-19052: Fixed a path traversal in mod_alias boo1115016. - Changed the default TLS configuration of lighttpd for better security out-of-the-box boo1087369...
SUSE-SU-2018:3379-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687...
yum-utils security update
1.1.30-42.0.1 - add dependency btrfs-progs for yum-plugin-fs-snapshot bug 16285176 - use unified btrfs binary instead of btrfsctl bug 16285176 - 1.1.30-42 - reposync: prevent path traversal. - Resolves: bug1600619...