88 matches found
CVE-2026-28492 File Browser: Path Traversal in Public Share Links Exposes Files Outside Shared Directory
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.0, when a user creates a public share link for a directory, the withHashFile middleware in http/public.go uses...
FreeBSD : FreeBSD -- Jail chroot escape via fd exchange with a different jail (a88f5b2d-11e9-11f1-8148-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a88f5b2d-11e9-11f1-8148-bc241121aa0a advisory. If two sibling jails are restricted to separate filesystem trees, which is to say that neither of the t...
CVE-2024-50620
Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading...
Exploit for Improper Access Control in Microsoft
CVE-2025-47962-POC Reproduction process: i686-w64-mingw32-gcc...
Exploit for Code Injection in Samba
CVE-2017-7494 Remote root exploit for the SAMBA CVE-2017-7494...
Insecure Temporary File
Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Insecure Temporary File due to setting the NLTK data directory to a shared, world-writable subdirectory. An attacker can overwrite, delete, or corrupt data files by exploiting...
EUVD-1999-1326
Malware in sbrugna...
EUVD-2024-0464
Malicious code in bioql PyPI...
CVE-2025-30167
Jupyter Core on Windows (CVE-2025-30167) before 5.8.0 searches the shared %PROGRAMDATA% for configuration files (SYSTEM_CONFIG_PATH and SYSTEM_JUPYTER_PATH), which may let an attacker place files affecting other users. Affected: Jupyter Core components on Windows in multi-user, unprotected %PROGR...
Jupyter Core 代码问题漏洞
Jupyter Core is a Jupyter Core feature of Jupyter Open Source. A code issue vulnerability exists in Jupyter Core versions prior to 5.8.0 that stems from searching for configuration files in the shared %PROGRAMDATA% directory on Windows, which could lead to a user creating configuration files that...
CVE-2024-24828
An incorrect default permissions vulnerability was found in pkg. This issue allows an attacker who has access to the /tmp/pkg/ on the local system to replace the genuine executables in the shared directory with malicious executables of the same name...
CVE-2024-24828
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...
Hardcoded credentials
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...
CVE-2024-24828 Local Privilege Escalation in execuatables bundled by pkg
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...
GHSA-22R3-9W55-CJ54 Pkg Local Privilege Escalation
Impact Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within this directory, they are predictable. An attacker who has...
pkg security vulnerability
npm pkg is a library from npm that packages Node.js projects into executables. A security vulnerability exists in pkg 5.8.1 and earlier, which stems from the fact that any native code package pkg built writes to a hardcoded directory, and can be exploited by an attacker to replace a genuine...
Apache Storm 安全漏洞
Apache Storm is the United States Apache Apache Foundation of a set of open source distributed real-time computing system developed using Clojure concurrent programming language. Apache Storm suffers from an information disclosure vulnerability that stems from a temporary directory shared among a...
Jenkins temporary plugin file created with insecure permissions
Jenkins creates a temporary file when a plugin is deployed directly from a URL. Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates this temporary file in the system temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they m...
Jenkins temporary uploaded file created with insecure permissions
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, uploaded files processed via the Stapler web framework and the Jenkins API MultipartFormDataParser create temporary files in the system temporary directory with the default permissions for newly created files. If these permissions are overly...
GHSA-55WP-3PQ4-W8P9 Jenkins temporary plugin file created with insecure permissions
Jenkins creates a temporary file when a plugin is deployed directly from a URL. Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates this temporary file in the system temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they m...