38 matches found
GHSA-QW64-3X98-G7Q2 go-billy has path traversal vulnerabilities
Impact: Multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths (e.g., using "..") to escape intended base directories. While go-billy was not originally designed to provide a strong security boundary...
EUVD-2007-4963
Malware in sbrugna...
EUVD-2019-5006
Malware in sbrugna...
EUVD-2007-4454
Malware in sbrugna...
EUVD-2020-4342
Malware in sbrugna...
EUVD-2021-10933
Malware in sbrugna...
EUVD-2023-34923
Malicious code in bioql PyPI...
EUVD-2022-42283
Malicious code in bioql PyPI...
EUVD-2022-33475
Malicious code in bioql PyPI...
EUVD-2023-34922
Malicious code in bioql PyPI...
EUVD-2022-52253
Malicious code in bioql PyPI...
EUVD-2023-34924
Malicious code in bioql PyPI...
EUVD-2023-48740
Malicious code in bioql PyPI...
EUVD-2024-50579
Malicious code in bioql PyPI...
CVE-2025-6023
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...
CVE-2025-6023
Grafana OSS is affected by CVE-2025-6023, an open redirect vulnerability introduced in v11.5.0 that can be chained with path traversal to trigger XSS in scripted dashboards. Affected component: Grafana open redirect in organization switching (also described as an open redirect in organization swi...
CVE-2024-12083
Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An attacker may use these vulnerabilities to perform unauthorized access and to execute unauthorized code remotely to the controller products...
CVE-2024-32116
Multiple relative path traversal vulnerabilities (CWE-23) in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allow a privileged attacker to delete files from the...
CVE-2023-44395
Autolab is a course management service that enables instructors to offer autograded programming assignments to their students over the Web. Path traversal vulnerabilities were discovered in Autolab's assessment functionality in versions of Autolab prior to 2.12.0, whereby instructors can perform...
CVE-2022-30302
Multiple relative path traversal vulnerabilities (CWE-23) in FortiDeceptor management interface 1.0.0 through 3.2.x, 3.3.0 through 3.3.2, 4.0.0 through 4.0.1 may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web...