1679 matches found
EUVD-2026-30316
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...
CVE-2026-42590
Gotenberg contains a vulnerability (CVE-2026-42590) where ExifTool group-prefix syntax can bypass the dangerous-tag blocklist in metadata handling, allowing arbitrary file rename, move, hardlinks, and symlinks on the server. The issue exists prior to version 8.30.0; the safeKeyPattern and prefix ...
CVE-2026-42590 Gotenberg: ExifTool group-prefix syntax bypasses dangerous-tag blocklist
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...
CVE-2026-40893 Gotenberg: ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names Allows Arbitrary File Rename and Move
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...
CVE-2026-40893
CVE-2026-40893 (Gotenberg/ExifTool blocklist bypass) Prior to 8.31.0, Gotenberg’s metadata processing only blocked the bare tag name (FileName), allowing group-prefixed tags like System:FileName to bypass the blocklist, enabling remote attackers to rename, move, or alter file permissions within t...
CVE-2026-40893 Gotenberg: ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names Allows Arbitrary File Rename and Move
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...
EUVD-2026-30307
Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files...
Gotenberg 安全漏洞
Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg prior to 8.31.0 contained security vulnerabilities. These vulnerabilities stemmed from a flaw where only whether the tag was “FileName”...
Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS)
Impact Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in combination with the useregex flag. Patches A general-purpose timeout has been added to thes...
GHSA-QRPW-GJVH-X5GM Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS)
Impact Nautobot UI object-bulk-rename endpoints for example, /dcim/interfaces/rename/ were vulnerable to application-wide denial of service via maliciously crafted regular expressions in the find field in combination with the useregex flag. Patches A general-purpose timeout has been added to thes...
Regular Expression Denial of Service (ReDoS)
Overview nautobot is a Source of truth and network automation platform. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the find field in combination with the useregex flag in the object bulk rename process. An attacker can cause the application ...
SUSE CVE-2026-43404
In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmmrangefault livelock / starvation problem If hmmrangefault fails a foliotrylock in doswappage, trying to acquire the lock of a device-private folio for migration, to ram, the function will spin until it succeeds...
PT-2026-40718
Name of the Vulnerable Software and Affected Versions Nautobot versions prior to 2.4.33 Nautobot versions prior to 3.1.2 Description UI object-bulk-rename endpoints, such as "/dcim/interfaces/rename/", are susceptible to an application-wide denial of service. This occurs when maliciously crafted...
ACL Rename Permission Bypass in Team Folders Allows Unauthorized File Renames
None...
CVE-2026-8272 D-Link DNS-320 webfile_mgr.cgi chown os command injection
A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...
CVE-2026-8272
CVE-2026-8272 affects D-Link DNS-320 firmware 2.06B01 and targets the webfile_mgr.cgi component. The vulnerability arises from manipulation of file operations (delete/rename/copy/move/chmod/chown), enabling OS command injection via remote input. Publicly released exploit details exist, and exploi...
PT-2026-39571
A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile mgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...
D-Link DNS-320 命令注入漏洞
The D-Link DNS-320 is a NAS Network Attached Storage device produced by D-Link Corporation. The D-Link DNS-320 version 2.06B01 has a command injection vulnerability. This vulnerability arises from functions such as delete, rename, copy, move, chmod, and chown in the file/cgi-bin/webfilemgr.cgi,...
Unity Linux 20.1060e / 20.1070e Security Update: redis (UTSA-2026-017631)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017631 advisory. Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could b...
CVE-2026-34429
Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to execute arbitrary JavaScript by bypassing MIME type validation and renaming uploaded files to executable extensions. Attackers can prepend a GIF8...