PT-2026-25705

Mattermost fails to validate team-specific upload file permissions in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports fr...

CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package

Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...

Snuffleupagus 安全漏洞

Snuffleupagus is a security module by Julien Voisin Personal Developer. A security vulnerability exists in Snuffleupagus versions prior to 0.13.0, which stems from a misconfiguration of the upload validation feature that could result in files in multipart POST requests being evaluated as PHP code...

PT-2024-24087

Name of the Vulnerable Software and Affected Versions PsiTransfer versions prior to 2.2.0 Description The issue arises from the absence of restrictions on the "POST /files" endpoint, which allows users to create a path for uploading a file in a file distribution. This enables an attacker to add...

Fedora 26 : libupnp (2017-23535a31f8)

miniserver: fix binding to ipv6 link-local addresses - Fix out-of-bound access in createurllist CVE-2016-8863 - If the error or info log files can not be created, use stderr and stdout instead. - SF Bug Tracker 132 CVE-2016-6255: write files via POST Note that Tenable Network Security has...