CVE-2026-41296 OpenClaw < 2026.3.31 - Sandbox Escape via TOCTOU Race in Remote FS Bridge readFile

OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the separate path validation and file read operations to bypass sandbox restrictions and read arbitrary files...

CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

EUVD-2021-19392

Malware in sbrugna...

EUVD-2021-19398

Malware in sbrugna...

QNAP Systems QuFirewall 路径遍历漏洞

QNAP Systems QuFirewall is a built-in firewall application for QNAP devices from China Weilian Technology QNAP Systems. A path traversal vulnerability exists in QNAP Systems QuFirewall 2.4.1 and prior versions, which originates from a vulnerability that allows an authenticated administrator to re...

The vulnerability of the read_file() function in the libeconf library for analyzing and managing configuration files allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the readfile function in the libeconf library for analyzing and managing configuration files is related to the situation where the operation’s output goes beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures or...

SUSE CVE-2021-32553

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users...

SUSE CVE-2021-32555

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users...

Directory Traversal

Overview marscode is a web editor created with monaco-editor, jquery file tree and nodejs file tree to read, write, edit, delete CRUD files. Affected versions of this package are vulnerable to Directory Traversal. There is no path sanitization in the path provided at fs.readFile in index.js. PoC ...

paps 'read_file()' heap buffer overflow vulnerability

paps is a converter from UTF-8 to PostScript language using Pango, an open source library for high quality rendering of internationalized text. A heap buffer overflow vulnerability exists in paps. An attacker could exploit this vulnerability to execute arbitrary code, which could also result in a...

AstroCMS Multiple Vulnerabilities

No description provided by source. Exploit Title: AstroCMS Multiple Remote Vulnerabilities Google Dork: none Date: 12.03.2011 Author: brainpillow Software Link: http://www.astrocms.com/ Version: UNKNOWN ============================================================ FORGOTPASSWORD SQL-INJ EXPLOIT:...

Thepeak File Upload v1.3 : Read file vulneability

Thepeak File Upload v1.3 : Read file vulneability Discovered By: Phm c Hi Pham Duc Hai Email: duchaikhtn at gmail dot com YIM : kikicoco1985vn Website: http://blog.ajaxviet.com ------------------------- Description: file upload manager 1.3 written by thepeak adam medici copyright c 2003 thepeak o...

DEBIAN-CVE-2006-1062

Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrary files via unknown vectors...

[RHSA-2003:258-01] GDM allows local user to read any file.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: GDM allows local user to read any file. Advisory ID: RHSA-2003:258-01 Issue date: 2003-08-21 Updated on: 2003-08-21 Product: Red Hat Linux...