UBUNTU-CVE-2025-68242

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

CVE-2025-68242 NFS: Fix LTP test failures when timestamps are delegated

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

PT-2025-51655

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's NFS implementation related to delegated timestamps. Specifically, the nfs setattr function does not properly verify the inode's User ID UID against th...

EUVD-2018-15568

Malware in sbrugna...

CVE-2024-55514

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /uploadsfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions...

CVE-2022-33996

Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user...

Microsoft SQL Server Privilege Escalation

Microsoft SQL Server versions 2016, 2017, 2019, and 2022 suffer from multiple privilege escalation vulnerabilities to the SYSADMIN role. Title: Microsoft SQL Server Privilege Escalation from Control Server To Sysadmin role Product: Microsoft SQL Server Affected Versions: sql server...

Path Traversal

@jmondi/url-to-png is vulnerable to Path Traversal. The vulnerability is due to the lack of proper sanitization or validation of the ImageId input within extractqueryparams.ts, which allows an attacker to store an image in an arbitrary location that the server has permission to access...

CVE-2023-50038

There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions...

CVE-2023-50038

There is an arbitrary file upload vulnerability in the background of textpattern cms v4.8.8, which leads to the loss of server permissions...

GHSA-G2MC-FQQC-HXG3 Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php

Impact The impact of this path traversal and arbitrary extension is limited creation of arbitrary files and appending data to existing files but when combined with the SQL Injection, the exported data RESTRICTED DIFFUSION 9 / 9 can be controlled and a webshell can be uploaded. Attackers can use...

ahh vulnerable to Path Traversal

Due to improper santization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...

Directory traversal

Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...