Lucene search

11 matches found

Positive Technologies
added 2026/03/16 12:0 a.m. · 2 views

PT-2026-25825

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and below Description SiYuan, a personal knowledge management system, has an issue where the POST request to the /api/import/importStdMd endpoint directly passes the localPath parameter to the model.ImportFromLocalPath...

6.8 CVSS · 5.9 AI score · 0.00061 EPSS
Exploits 1 · References 9
Veracode
added 2025/12/13 4:59 a.m. · 2 views

Path Traversal

Robocode is vulnerable to Path Traversal. The vulnerability is due to improper sanitization of file paths in the recursivelyDelete method of the CacheCleaner component, allowing attackers to manipulate file paths and traverse directories to delete arbitrary files on the system...

10 CVSS · 5.9 AI score · 0.00643 EPSS
Exploits 0 · References 3 · Affected Software 1
OSV
added 2025/12/09 4:17 p.m. · 1 view

CVE-2025-14306

A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by...

9.1 CVSS · 5.9 AI score
Exploits 0 · References 2
NVD
added 2025/12/09 4:17 p.m. · 2 views

CVE-2025-14306

A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by...

10 CVSS · 0.00643 EPSS
Exploits 0 · References 2
Vulnrichment
added 2025/12/09 7:19 a.m. · 1 view

CVE-2025-14306 Directory Traversal in Robocode's CacheCleaner Component

A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by...

10 CVSS · 6.6 AI score · 0.00643 EPSS
Exploits 0 · References 1
Cvelist
added 2023/03/13 9:4 a.m. · 25 views

CVE-2023-1370 Stack exhaustion in json-smart leads to denial of service when parsing malformed JSON

Json-smart is a performance focused, JSON processor lib. When reaching a '[' or '{' character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays a...

7.5 CVSS · 7.8 AI score · 0.00015 EPSS
Exploits 1 · References 2
Positive Technologies
added 2022/12/03 12:0 a.m. · 1 view

PT-2022-36800 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details about the crash include the sc pkcs15init rmdir, sc pkcs15init erase card...

6.9 AI score
Exploits 0 · References 2
Veracode
added 2021/05/25 7:2 a.m. · 17 views

Denial Of Service (DoS)

directmailteam/direct-mail is vulnerable to denial of service. An attacker is able to crash the system by requesting invalid or non-existing resources via HTTP which cause the system to call itself recursively...

5.3 CVSS · 2.9 AI score · 0.00328 EPSS
Exploits 0 · References 3 · Affected Software 1
Tenable Nessus
added 2019/01/02 12:0 a.m. · 35 views

SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2018:1872-1)

This update for git to version 2.16.4 fixes several issues. These security issues were fixed : - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory bsc1095218 - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository bsc1095219...

7.8 CVSS · 8.2 AI score · 0.4172 EPSS
Exploits 10 · References 7
Tenable Nessus
added 2016/02/09 12:0 a.m. · 618 views

MS16-019: Security Update for .NET Framework to Address Denial of Service (3137893)

The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in the .NET Framework : - A denial of service vulnerability exists due to improper handling of certain Extensible Stylesheet Language Transformations XSLT. A remote attacker can exploit...

7.5 CVSS · 7.4 AI score · 0.19296 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2008/10/13 12:0 a.m. · 32 views

Debian DSA-1651-1 : ruby1.8 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...

7.8 CVSS · 6.6 AI score · 0.7933 EPSS
Exploits 28 · References 11