PT-2026-22048

Name of the Vulnerable Software and Affected Versions Zed versions prior to 0.224.4 Description A Zip Slip Path Traversal issue exists in the extension archive extraction functionality. The extract zip function, located in crates/util/src/archive.rs, does not validate ZIP entry filenames for path...

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1529-1 Rating: moderate References: 1176705 1176707 Cross-References: CVE-2020-25039 CVE-2020-25040 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now availabl...

openSUSE Security Update : singularity (openSUSE-2020-1497)

This update for singularity fixes the following issues : New version 3.6.3, addresses the following security issues : - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

Directory traversal

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files...

CVE-2019-3943

MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read and write files...

PHP safe mode bypass vulneraebility

It's possible to access files behind sandbox directory with cURL module...