D-Link DNS-320 命令注入漏洞

The D-Link DNS-320 is a NAS Network Attached Storage device produced by D-Link Corporation. The D-Link DNS-320 version 2.06B01 has a command injection vulnerability. This vulnerability arises from functions such as delete, rename, copy, move, chmod, and chown in the file/cgi-bin/webfilemgr.cgi,...

SUSE CVE-2026-43073

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

EUVD-2026-27378

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper memory release in the fscryptsetupfilename function within f2fsrename. This could le...

CVE-2026-26267 rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...

CVE-2026-26267 rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide

soroban-sdk is a Rust SDK for Soroban contracts. Prior to versions 22.0.10, 23.5.2, and 25.1.1, the contractimpl macro contains a bug in how it wires up function calls. contractimpl generates code that uses MyContract::value style calls even when it's processing the trait version. This means if a...

EUVD-2025-7537

Malicious code in bioql PyPI...

EUVD-2021-30592

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2020-27387

An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload which will receiv...

CVE-2017-16892

In Bftpd before 4.7, there is a memory leak in the file rename function...

PT-2025-10752 · Mrcms · Mrcms

Name of the Vulnerable Software and Affected Versions: MRCMS version 3.1.2 Description: A problem was found in the rename function of the /admin/file/rename.do file in the org.marker.mushroom.controller.FileController component. The manipulation of the name/path argument leads to cross-site...

The vulnerability of the udf component in the Linux operating system’s kernel, which stems from the use of an uninitialized resource, allows a hacker to trigger a service failure.

The vulnerability of the udf component in the Linux operating system’s kernel is related to the use of an uninitialized resource in the udfrename function. Exploiting this vulnerability can allow a attacker to cause a service failure...

PT-2024-38849

Name of the Vulnerable Software and Affected Versions: Chengdu Everbrite Network Technology BeikeShop versions up to 1.5.5 Description: A critical issue has been found, affecting the rename function of the file /Admin/Http/Controllers/FileManagerController.php. The manipulation of the new name...

Everbrite BeikeShop 代码问题漏洞

Network etc. are Cloudburst open source products. network is a network component. backpack for Laravel FileManager etc. are Backpack for Laravel open source products. fileManager is a file manager. clickHouse ch etc. are ClickHouse open source products. ch is a ClickHouse low-level Go client...

The vulnerability of the f2fs_rename() function in the f2fs component of the Linux operating system allows a hacker to gain increased privileges.

The vulnerability of the f2fsrename function in the f2fs component of the Linux operating system is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2023-52444 f2fs: fix to avoid dirent corruption

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link1: f2fsrename ... if olddir != newdir && !whiteout f2fssetlinkoldinode, olddirentry, olddirpage, newdir; else f2fsputpageolddirpage, 0; You want correct inumber in the "....

GHSA-9W49-M7XH-5R39 Cross-site scripting in papermerge

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

Cross-site scripting in papermerge

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...

Papermerge Cross-Site Scripting Vulnerability

Papermerge is an open source document management system DMS for archiving and retrieving digital documents. Multiple cross-site scripting vulnerabilities exist in versions prior to Papermerge 1.5.2. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in...